Page: IDS51-J. Properly encode or escape output
|
Michal Rozenau |
Jan 10, 2023
|
Page: IDS52-J. Prevent code injection
|
Michal Rozenau |
Jan 10, 2023
|
Page: IDS53-J. Prevent XPath Injection
|
Michal Rozenau |
Jan 10, 2023
|
Page: IDS54-J. Prevent LDAP injection
|
Michal Rozenau |
Jan 10, 2023
|
Page: IDS55-J. Understand how escape characters are interpreted when strings are loaded
|
Will Snavely |
Nov 16, 2017
|
Page: IDS56-J. Prevent arbitrary file upload
|
Will Snavely |
Nov 16, 2017
|
Page: Input Validation and Data Sanitization
|
Robert Seacord (Manager) |
Apr 28, 2015
|
Page: ISO/IEC TR 24772:2010
|
Derek Leung |
Dec 03, 2018
|
Page: ISO/IEC TR 24772:2013
|
Derek Leung |
Dec 03, 2018
|
Page: Java Coding Guidelines
|
Sandy Shrum |
Mar 05, 2015
|
Page: Java Rules
|
Robert Seacord (Manager) |
Oct 06, 2014
|
Page: JNI00-J. Define wrappers around native methods
|
Michal Rozenau |
May 18, 2021
|
Page: JNI01-J. Safely invoke standard APIs that perform tasks using the immediate caller's class loader instance (loadLibrary)
|
Michal Rozenau |
May 18, 2021
|
Page: JNI02-J. Do not assume object references are constant or unique
|
David Svoboda |
Oct 17, 2014
|
Page: JNI03-J. Do not use direct pointers to Java objects in JNI code
|
David Svoboda |
Oct 17, 2014
|
Page: JNI04-J. Do not assume that Java strings are null-terminated
|
David Svoboda |
Oct 17, 2014
|
Page: Klocwork
|
David Svoboda |
Feb 08, 2024
|
Page: Klocwork_V
|
Jill Britton |
Apr 02, 2024
|
Page: Labels for this Space
|
David Svoboda |
May 18, 2016
|
Page: LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code
|
Jon O'Donnell |
Aug 06, 2021
|
Page: LCK01-J. Do not synchronize on objects that may be reused
|
Svyatoslav Razmyslov |
Jun 25, 2021
|
Page: LCK02-J. Do not synchronize on the class object returned by getClass()
|
Michal Rozenau |
May 18, 2021
|
Page: LCK03-J. Do not synchronize on the intrinsic locks of high-level concurrency objects
|
Jon O'Donnell |
Mar 31, 2021
|
Page: LCK04-J. Do not synchronize on a collection view if the backing collection is accessible
|
Michal Rozenau |
May 18, 2021
|
Page: LCK05-J. Synchronize access to static fields that can be modified by untrusted code
|
Jon O'Donnell |
Aug 06, 2021
|
Page: LCK06-J. Do not use an instance lock to protect shared static data
|
Winfried Gerlach |
Mar 15, 2022
|
Page: LCK07-J. Avoid deadlock by requesting and releasing locks in the same order
|
Michal Rozenau |
May 18, 2021
|
Page: LCK08-J. Ensure actively held locks are released on exceptional conditions
|
David Svoboda |
Jun 16, 2021
|
Page: LCK09-J. Do not perform operations that can block while holding a lock
|
Jon O'Donnell |
Aug 06, 2021
|
Page: LCK10-J. Use a correct form of the double-checked locking idiom
|
Jon O'Donnell |
Aug 06, 2021
|