This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Code Correctness: Erroneous finalize() Method"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
{{Template:Fortify}}
 
{{Template:Fortify}}
 
 
{{Template:Vulnerability}}
 
{{Template:Vulnerability}}
  

Revision as of 14:42, 19 July 2006

This article includes content generously donated to OWASP by MicroFocus Logo.png

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.


Abstract

This finalize() method does not call super.finalize().

Description

The Java Language Specification states that it is a good practice for a finalize() method to call super.finalize().[1]

Examples

The following method omits the call to super.finalize(). 

 protected void finalize() {
                discardNative();
 }

Related Threats

Related Attacks

Related Vulnerabilities

Related Countermeasures

References

[1] J. Gosling, B. Joy, G. Steele, G. Bracha. The Java Language Specification, Second Edition. Addison-Wesley, 2000.

Retrieved from "https://wiki.owasp.org/index.php?title=Code_Correctness:_Erroneous_finalize()_Method&oldid=7596"