Java Coding Guidelines: Now Available Free Online
CERT Division of the Software Engineering Institute at Carnegie Mellon University identified “best” coding practices
October 3, 2014
PRESS RELEASE
October 1, 2014—While conducting the research that produced The CERT® Oracle® Coding Standard for Java, the Secure Coding Team in the CERT Division of the Software Engineering Institute at Carnegie Mellon University identified “best” coding practices that, if followed, would eliminate vulnerabilities and other defects in Java programs. Together with collaborators from other organizations, the team in 2013 published Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs. Now the CERT Division is making the content of the Java Coding Guidelines book available free online.
“We are making the Java coding guidelines available online both to promote more widespread adoption of secure coding standards and as a thank you to the software security and software development communities that have collaborated with us to make secure coding initiatives a success,” said Robert Seacord, technical manager of the CERT Secure Coding Initiative and co-author of the Java guidelines.
“Although failing to follow these Java guidelines does not necessarily result in an error,” said Seacord, “following these guidelines results in more robust and secure code. Consequently, these guidelines should not be considered less important than the rules in the CERT Oracle Coding Standard for Java.”
Intended primarily for software professionals working in Java Standard Edition (SE) 7 Platform environments, this guide is also useful to those working with Java Micro Edition (ME), Java Enterprise Edition (EE), and other contemporary Java-language platforms.
The CERT Secure Coding Team plans to update both The CERT Oracle Secure Coding Standard for Java and the Java Coding Guidelines to Java Standard Edition (SE) 8 and encourages the community to participate in the process by creating an account on the secure coding wiki and leaving comments or by contact the team at [email protected] if you would like to become an editor.
For free online access to the content of Java Coding Guidelines, visit https://www.securecoding.cert.org/confluence/display/jg/Java+Coding+Guidelines.
Top 10 Java Coding Guidelines for Reliable and Secure Programs
From among the 75 guidelines published in Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs, authors Robert C. Seacord, senior member of the SEI technical staff and technical manager of the CERT Secure Coding Initiative, and Fred Long, senior lecturer in the Department of Computer Science, Aberystwyth University, U.K., selected 10 guidelines as particularly important for programmers working in Java.
The top 10 are listed below. Guideline 18 was the subject of the 2013 JavaOne presentation Anatomy of a Java Zero-Day Exploit and Guideline 10 is the subject of a JavaOne presentation this year called Anatomy of Another Java 0-day Exploit.
Guideline 18: Do not expose methods that use reduced-security checks to untrusted code. Certain methods use a reduced-security check that checks only that the calling method is authorized rather than checking every method in the call stack. Any code that invokes these methods must guarantee that they cannot be invoked on behalf of untrusted code.
Guideline 10: Do not use the clone()method to copy untrusted method parameters. Inappropriate use of the clone() method can allow an attacker to exploit vulnerabilities by providing arguments that appear normal but subsequently return unexpected values. Such objects may consequently bypass validation and security checks.
Guideline 25: Document thread-safety and use annotations where applicable. The Java language annotation facility is useful for documenting design intent. Source code annotation is a mechanism for associating metadata with a program element and making it available to the compiler, analyzers, debuggers, or Java Virtual Machine (JVM) for examination. Several annotations are available for documenting thread-safety or the lack thereof.
Guideline 29: Be aware of numeric promotion behavior. Promotions in which the operands are converted from an int to a float or from a long to a double can cause a loss of precision.
Guideline 43: Use a try-with-resources statement to safely handle closeable resources. Using the try-with-resources statement prevents problems that can arise when closing resources with an ordinary try-catch-finally block, such as failing to close a resource because an exception is thrown as a result of closing another resource, or masking an important exception when a resource is closed.
Guideline 45: Use the same type for the second and third operands in conditional expressions. The complexity of the rules that determine the result type of a conditional expression can result in unintended type conversions. Consequently, the second and third operands of each conditional expression should have identical types.
Guideline 57: Avoid inadvertent wrapping of loop counters. Unless coded properly, a while or for loop may execute forever, or until the counter wraps around and reaches its final value.
Guideline 64: Strive for logical completeness. Software vulnerabilities can result when a programmer fails to consider all possible data states.
Guideline 69: Do not confuse abstract object equality with reference equality. Naïve programmers often confuse the intent of the == operation with that of the Object.equals() method. This confusion is frequently evident in the context of processing of String objects.
Guideline 71: Understand how escape characters are interpreted when strings are loaded. Many classes allow inclusion of escape sequences in character and string literals. Correct use of escape sequences in string literals requires understanding how the escape sequences are interpreted by the Java compiler, as well as how they are interpreted by any subsequent processor.
For each coding guideline presented in the book, the authors specify conformance requirements; for most, the authors offer noncompliant code examples and compliant solutions. The authors explain when to apply each guideline and provide references to even more detailed information. Java Coding Guidelines also presents updated techniques for protecting against deliberate attacks and other unexpected events, and best practices for improving code reliability and clarity.
For free online access to the content of Java Coding Guidelines, visit https://www.securecoding.cert.org/confluence/display/jg/Java+Coding+Guidelines.
###
You May Also Like