This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Code Correctness: Call to Thread.run()"
From OWASP
Weilin Zhong (talk | contribs) |
Weilin Zhong (talk | contribs) |
||
| Line 22: | Line 22: | ||
thr.run(); | thr.run(); | ||
| − | [[Category:API Abuse]] | + | ==Examples == |
| + | |||
| + | ==Related Threats== | ||
| + | |||
| + | ==Related Attacks== | ||
| + | |||
| + | [[:Category:API Abuse Attack]] | ||
| + | |||
| + | ==Related Vulnerabilities== | ||
| + | |||
| + | ==Related Countermeasures== | ||
| + | |||
| + | ==Categories== | ||
[[Category:Java]] | [[Category:Java]] | ||
Revision as of 17:31, 18 July 2006
- This article includes content generously donated to OWASP by
This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.
Abstract
The program calls a thread's run() method instead of calling start().
Description
In most cases a direct call to a Thread object's run() method is a bug. The programmer intended to begin a new thread of control, but accidentally called run() instead of start(), so the run() method will execute in the caller's thread of control.
Examples
The following excerpt from a Java program mistakenly calls run() instead of start().
Thread thr = new Thread() {
public void run() {
...
}
};
thr.run();
