This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "Code Correctness: Erroneous finalize() Method"

Jump to: navigation, search
Line 22: Line 22:
==Related Attacks==
==Related Attacks==
[[:Category:API Abuse Attack]]
==Related Vulnerabilities==
==Related Vulnerabilities==
Line 39: Line 37:
[[Category:Code Snippet]]
[[Category:Code Snippet]]
[[Category:Use of Dangerous API]]
[[Category:API Abuse]]

Revision as of 18:30, 18 July 2006

This article includes content generously donated to OWASP by MicroFocus Logo.png

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.


This finalize() method does not call super.finalize().


The Java Language Specification states that it is a good practice for a finalize() method to call super.finalize().[1]


The following method omits the call to super.finalize().

 protected void finalize() {

Related Threats

Related Attacks

Related Vulnerabilities

Related Countermeasures


[1] J. Gosling, B. Joy, G. Steele, G. Bracha. The Java Language Specification, Second Edition. Addison-Wesley, 2000.