forked from github/codeql
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathEjbThreads.ql
More file actions
33 lines (29 loc) · 1.24 KB
/
EjbThreads.ql
File metadata and controls
33 lines (29 loc) · 1.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
/**
* @name EJB uses threads
* @description An EJB should not attempt to manage threads,
* as it could interfere with the EJB container's operation.
* @kind problem
* @problem.severity error
* @precision low
* @id java/ejb/threads
* @tags reliability
* external/cwe/cwe-383
* external/cwe/cwe-573
*/
import java
import semmle.code.java.frameworks.javaee.ejb.EJB
import semmle.code.java.frameworks.javaee.ejb.EJBRestrictions
/*
JSR 220: Enterprise JavaBeansTM,Version 3.0
EJB Core Contracts and Requirements
Section 21.1.2 Programming Restrictions
- The enterprise bean must not attempt to manage threads. The enterprise bean must not attempt
to start, stop, suspend, or resume a thread, or to change a thread's priority or name. The enter-
prise bean must not attempt to manage thread groups.
These functions are reserved for the EJB container. Allowing the enterprise bean to manage threads
would decrease the container's ability to properly manage the runtime environment.
*/
from Callable origin, ForbiddenThreadingCallable target, Call call
where ejbCalls(origin, target, call)
select origin, "EJB should not attempt to manage threads by calling $@.",
call, target.getDeclaringType().getName() + "." + target.getName()