Class FindVulnerableSecurityCheckMethods

  • All Implemented Interfaces:
    Detector, Priorities, org.apache.bcel.classfile.Visitor

    public class FindVulnerableSecurityCheckMethods
    extends OpcodeStackDetector
    This detector finds all the vulnerable methods which uses Security Manager to perform some security check but are declared non-final and non-private in a non-final class. Please see @see SEI CERT MET03-J
    • Field Detail

      • badMethodNames

        private static final java.util.Set<java.lang.String> badMethodNames
    • Constructor Detail

      • FindVulnerableSecurityCheckMethods

        public FindVulnerableSecurityCheckMethods​(BugReporter bugReporter)