This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Code Correctness: Erroneous finalize() Method"
From OWASP
Weilin Zhong (talk | contribs) |
Weilin Zhong (talk | contribs) |
||
Line 22: | Line 22: | ||
==Related Attacks== | ==Related Attacks== | ||
− | |||
− | |||
==Related Vulnerabilities== | ==Related Vulnerabilities== | ||
Line 39: | Line 37: | ||
[[Category:Code Snippet]] | [[Category:Code Snippet]] | ||
− | [[Category: | + | [[Category:API Abuse]] |
Revision as of 18:30, 18 July 2006
This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.
Abstract
This finalize() method does not call super.finalize().
Description
The Java Language Specification states that it is a good practice for a finalize() method to call super.finalize().[1]
Examples
The following method omits the call to super.finalize().
protected void finalize() { discardNative(); }
Related Threats
Related Attacks
Related Vulnerabilities
Related Countermeasures
References
[1] J. Gosling, B. Joy, G. Steele, G. Bracha. The Java Language Specification, Second Edition. Addison-Wesley, 2000.