4e0e265d9e
They redirect to https://wiki.sei.cmu.edu. Fix broken links for open rules. Remove broken links from closed rules. Remove links in Java rules for CERT C rules with no obvious replacement. Expand broken tinyurl to CERT.
49 lines
1.1 KiB
Plaintext
49 lines
1.1 KiB
Plaintext
== Why is this an issue?
|
|
|
|
When a cycle exists between classes during their ``++static++`` initialization, the results can be unpredictable because they depend on which class was initialized first.
|
|
|
|
|
|
=== Noncompliant code example
|
|
|
|
[source,java]
|
|
----
|
|
public class A {
|
|
public static int a = B.b + 1; // Noncompliant; sometimes a = 1, others a = 2
|
|
}
|
|
|
|
public class B {
|
|
public static int b = A.a + 1; // Noncompliant; sometimes b = 1, others b = 2
|
|
}
|
|
----
|
|
|
|
|
|
== Resources
|
|
|
|
* CERT - https://wiki.sei.cmu.edu/confluence/display/java/DCL00-J.+Prevent+class+initialization+cycles[DCL00-J. Prevent class initialization cycles]
|
|
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
=== Message
|
|
|
|
Class "xxx" accesses this class during static initialization.
|
|
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
=== is related to: S3263
|
|
|
|
=== on 13 Jan 2015, 15:17:51 Ann Campbell wrote:
|
|
We had this in your queue for research, but I came across the CERT reference...
|
|
|
|
=== on 27 Jan 2015, 20:13:41 Freddy Mallet wrote:
|
|
And so the "cwe" tag is missing :)
|
|
|
|
endif::env-github,rspecator-view[]
|