OpenHarmony-Java-secure-coding-guide.md - OpenGrok cross reference for /ohos5.0/docs/en/contribute/OpenHarmony-Java-secure-coding-guide.md

Lines Matching refs:prevent
11 …te a numeric value that is outside of a specific integer range, so as to prevent integer overflows…
69 ## Do not use a null in any case where an object is required to prevent null pointer reference
103 An unreleased lock in any thread will prevent other threads from acquiring the same lock, leading t…
348 …ssions. Consequently, files must be created with access permissions that prevent unauthorized file…
356 …s permissions of any file created are implementation-defined and may not prevent unauthorized acce…
438 …ore performing file read/write operations. This practice can effectively prevent risks like path t…
639 …ream, output stream, and error stream, which must be properly handled to prevent them from being b…
1055 …rnal data to concatenate the SQL statements. The following measures can help prevent SQL injection:
1061 Parameterized query is preferred because it is an easy way to effectively prevent SQL injection. In…
1130 Although parameterized query is the most convenient and effective way to prevent SQL injection, it …
1263 …be escaped. Using escaped fields to concatenate commands can effectively prevent command injection.
1265 …t not the entire concatenated command. The escape method can effectively prevent command injection…
1476 …mple, external data is encoded before the XML string is concatenated, to prevent tampering with th…
1568 The compliant code example disables the parsing of DTDs, which can prevent both XXE and internal en…
1572 This compliant code example can prevent XXE attacks but not XML internal entity attacks.
1633 …s. XXE and XEE attacks have different protection measures (disabling DTD parsing can prevent both).
1727 …ory** is used to convert XML data, security policies need to be added to prevent insecure XSLT cod…
1791 ## Try best to simplify the regular expression (regex) to prevent regular expression denial of serv…
1931 …n** in external data, could be replaced before being recorded in logs to prevent log injection. Th…
1971 … invocation must be done in a separate **try-catch** structure, so as to prevent a release failure…