Java Reference
In-Depth Information
int login;
if (invalid_login())
login = 0;
else
// Debug line added below
System.out.println("Login is valid\n");
// The next line is always executed
login = 1;
The code's indentation disguises the functionality of the program, potentially leading
to a security vulnerability.
Compliant Solution
This compliant solution uses opening and closing braces even though the
if
and
else
bodies of the
if
statement are single statements:
int login;
if (invalid_login()) {
login = 0;
} else {
login = 1;
}
Noncompliant Code Example
This noncompliant code example nests an
if
statement within another
if
statement,
without braces around the
if
and
else
bodies:
int privileges;
if (invalid_login())
if (allow_guests())
privileges = GUEST;
else
privileges = ADMINISTRATOR;
