• CodeQL query help documentation »
• CodeQL query help for Java and Kotlin »

Inconsistent synchronization for writeObject()

ID: java/inconsistent-sync-writeobject
Kind: problem
Security severity: 
Severity: warning
Precision: medium
Tags:
   - reliability
   - correctness
   - concurrency
   - language-features
   - external/cwe/cwe-662
Query suites:
   - java-security-and-quality.qls

Click to see the query in the CodeQL repository

Classes with a synchronized writeObject method but no other synchronized methods usually lack a sufficient level of synchronization. If any mutable state of this class can be modified without proper synchronization, the serialization using the writeObject method may result in an inconsistent state.

Recommendation

See if synchronization is necessary on methods other than writeOject to make the class thread-safe. Any methods that access or modify the state of an object of this class should usually be synchronized as well.

References

• Java Language Specification: Synchronization.

• Common Weakness Enumeration: CWE-662.

• © GitHub, Inc.
• Terms
• Privacy