| Page: MSC03-J. Never hard code sensitive information | Jon O'Donnell | Aug 06, 2021 |
| Page: MSC04-J. Do not leak memory | David Svoboda | Sep 19, 2022 |
| Page: MSC05-J. Do not exhaust heap space | Jon O'Donnell | Aug 06, 2021 |
| Page: MSC06-J. Do not modify the underlying collection when an iteration is in progress | Svyatoslav Razmyslov | Jun 25, 2021 |
| Page: MSC07-J. Prevent multiple instantiations of singleton objects | David Svoboda | Apr 15, 2024 |
| Page: MSC08-J. Do not store nonserializable objects as attributes in an HTTP session | Carol J. Lallier | Jul 13, 2015 |
| Page: MSC09-J. For OAuth, ensure (a) [relying party receiving user's ID in last step] is same as (b) [relying party the access token was granted to]. | Carol J. Lallier | Jul 13, 2015 |
| Page: MSC10-J. Do not use OAuth 2.0 implicit grant (unmodified) for authentication | Carol J. Lallier | Jul 13, 2015 |
| Page: MSC11-J. Do not let session information leak within a servlet | G. Ann Campbell | Jul 21, 2017 |
| Page: MSC50-J. Minimize the scope of the @SuppressWarnings annotation | Will Snavely | Nov 16, 2017 |
| Page: MSC51-J. Do not place a semicolon immediately following an if, for, or while condition | Svyatoslav Razmyslov | Jun 25, 2021 |
| Page: MSC52-J. Finish every set of statements associated with a case label with a break statement | Michal Rozenau | Jan 10, 2023 |
| Page: MSC53-J. Carefully design interfaces before releasing them | David Svoboda | Jan 21, 2020 |
| Page: MSC54-J. Avoid inadvertent wrapping of loop counters | Will Snavely | Nov 16, 2017 |
| Page: MSC55-J. Use comments consistently and in a readable fashion | Will Snavely | Nov 16, 2017 |
| Page: MSC56-J. Detect and remove superfluous code and values | Michal Rozenau | Jan 10, 2023 |
| Page: MSC57-J. Strive for logical completeness | Michal Rozenau | Jan 10, 2023 |
| Page: MSC58-J. Prefer using iterators over enumerations | Will Snavely | Nov 16, 2017 |
| Page: MSC59-J. Limit the lifetime of sensitive data | Derek Leung | Nov 19, 2018 |
| Page: MSC60-J. Do not use assertions to verify the absence of runtime errors | Michal Rozenau | Jan 10, 2023 |
| Page: MSC61-J. Do not use insecure or weak cryptographic algorithms | Michal Rozenau | Jan 10, 2023 |
| Page: MSC62-J. Store passwords using a hash function | Michal Rozenau | Jan 10, 2023 |
| Page: MSC63-J. Ensure that SecureRandom is properly seeded | Will Snavely | Nov 16, 2017 |
| Page: NUM00-J. Detect or prevent integer overflow | Jon O'Donnell | Aug 06, 2021 |
| Page: NUM01-J. Do not perform bitwise and arithmetic operations on the same data | Michal Rozenau | May 18, 2021 |
| Page: NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors | Svyatoslav Razmyslov | Jun 25, 2021 |
| Page: NUM03-J. Use integer types that can fully represent the possible range of unsigned data | Carol J. Lallier | Jun 03, 2015 |
| Page: NUM04-J. Do not use floating-point numbers if precise computation is required | Michal Rozenau | May 18, 2021 |
| Page: NUM07-J. Do not attempt comparisons with NaN | Svyatoslav Razmyslov | Jun 25, 2021 |
| Page: NUM08-J. Check floating-point inputs for exceptional values | Michal Rozenau | May 18, 2021 |