ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S1147/java/rule.adoc

22 lines
900 B
Plaintext
Raw Normal View History

make in-line code blocks verbatim
2021-01-27 13:42:22 +01:00
Calling ``++System.exit(int status)++`` or ``++Rutime.getRuntime().exit(int status)++`` calls the shutdown hooks and shuts downs the entire Java virtual machine. Calling ``++Runtime.getRuntime().halt(int)++`` does an immediate shutdown, without calling the shutdown hooks, and skipping finalization.
Add rules 1000-1999
2020-06-30 12:47:33 +02:00
Force linebreaks
2021-02-02 15:02:10 +01:00
Add rules 1000-1999
2020-06-30 12:47:33 +02:00
Each of these methods should be used with extreme care, and only when the intent is to stop the whole Java process. For instance, none of them should be called from applications running in a J2EE container.
== Noncompliant Code Example
----
System.exit(0);
Runtime.getRuntime().exit(0);
Runtime.getRuntime().halt(0);
----
== Exceptions
make in-line code blocks verbatim
2021-01-27 13:42:22 +01:00
These methods are ignored inside ``++main++``.
Add rules 1000-1999
2020-06-30 12:47:33 +02:00
== See
* http://cwe.mitre.org/data/definitions/382.html[MITRE, CWE-382] - Use of System.exit()
Add all rules, update all rules fixing the inline code syntax
2020-12-21 15:38:52 +01:00
* https://wiki.sei.cmu.edu/confluence/x/7zZGBQ[CERT, ERR09-J.] - Do not allow untrusted code to terminate the JVM
Reference in New Issue Copy Permalink