Kingdom: Code Quality

Poor code quality leads to unpredictable behavior. From a user's perspective that often manifests itself as poor usability. For an attacker it provides an opportunity to stress the system in unexpected ways.

Poor Style: Empty Synchronized Block

Java/JSP

Abstract

This synchronized block contains no statements; it is unlikely the synchronization achieves the intended effect.

Explanation

Synchronization in Java can be tricky. An empty synchronized block is often a sign that a programmer is wrestling with synchronization but has not yet achieved the result they intend.

Example 1:


synchronized(this) { }

References

[1] Standards Mapping - Common Weakness Enumeration CWE ID 585

desc.structural.java.poor_style_empty_synchronized_block