• Home
• org.walkmod
• walkmod-pmd-plugin
• 1.1.1
• source code
• sunsecure.xml

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

rulesets.java.sunsecure.xml Maven / Gradle / Ivy

<?xml version="1.0"?>

<ruleset name="Security Code Guidelines"
    xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 http://pmd.sourceforge.net/ruleset_2_0_0.xsd">
  <description>
These rules check the security guidelines from Sun, published at http://java.sun.com/security/seccodeguide.html#gcg
  </description>

    <rule name="MethodReturnsInternalArray"
    	    since="2.2"
          message="Returning ''{0}'' may expose an internal array."
          class="net.sourceforge.pmd.lang.java.rule.sunsecure.MethodReturnsInternalArrayRule"
          externalInfoUrl="https://pmd.github.io/pmd-5.4.1/pmd-java/rules/java/sunsecure.html#MethodReturnsInternalArray">
      <description>
Exposing internal arrays to the caller violates object encapsulation since elements can be 
removed or replaced outside of the object that owns it. It is safer to return a copy of the array.
      </description>
        <priority>3</priority>
      <example>
  <![CDATA[
public class SecureSystem {
  UserData [] ud;
  public UserData [] getUserData() {
      // Don't return directly the internal array, return a copy
      return ud;
  }
}
  ]]>
      </example>
      </rule>

    <rule name="ArrayIsStoredDirectly"
    	  since="2.2"
        message="The user-supplied array ''{0}'' is stored directly."
          class="net.sourceforge.pmd.lang.java.rule.sunsecure.ArrayIsStoredDirectlyRule"
          externalInfoUrl="https://pmd.github.io/pmd-5.4.1/pmd-java/rules/java/sunsecure.html#ArrayIsStoredDirectly">
      <description>
Constructors and methods receiving arrays should clone objects and store the copy.
This prevents future changes from the user from affecting the original array.
      </description>
        <priority>3</priority>
      <example>
  <![CDATA[
public class Foo {
  private String [] x;
    public void foo (String [] param) {
      // Don't do this, make a copy of the array at least
      this.x=param;
    }
}
  ]]>
      </example>
      </rule>
    
</ruleset>