Description
The product contains a finalize() method that does not call super.finalize().
Extended Description
The Java Language Specification states that it is a good practice for a finalize() method to call super.finalize().
ThreatScore
Threat Mapped score: 0.0
Industry: Finiancial
Threat priority: Unclassified
Observed Examples (CVEs)
- No observed examples available.
Related Attack Patterns (CAPEC)
N/A
Attack TTPs
N/A
Modes of Introduction
| Phase |
Note |
| Implementation |
N/A |
Common Consequences
- Impact: Quality Degradation — Notes:
Potential Mitigations
- Implementation: Call the super.finalize() method. (N/A)
- Testing: Use static analysis tools to spot such issues in your code. (N/A)
Applicable Platforms
Demonstrative Examples
Intro: The following method omits the call to super.finalize().
protected void finalize() { discardNative(); }
Notes
← Back to CWE list