...
Sound automated detection appears to be infeasible in the general case. Heuristic approaches could be useful.
Related Guidelines
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9b725f35-72b6-4fe2-b9d4-649d81f35d48"><ac:plain-text-body><![CDATA[ | AA. Bibliography#MITRE 09]] | [CWE-374 | http://cwe.mitre.org/data/definitions/374.html] CWE ID 374, "Passing Mutable Objects to an Untrusted Method" and [CWE-375http://cwe.mitre.org/data/definitions/375.html] | |
| CWE ID 375, "Returning a Mutable Object to an Untrusted Caller" | ]]></ac:plain-text-body></ac:structured-macro> |
Bibliography
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="7b93ebd5d1f4d49c-b56fa080-4ef545af-bd53b79a-a27ec8e064989cdfbead2901"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [method clone() | http://java.sun.com/javase/6/docs/api/java/lang/Object.html#clone()] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="3fd84806c41a040e-1a71d3ac-49c14e29-9529b20d-338ec5858c36ae294b54a0dd"><ac:plain-text-body><![CDATA[ | [[Bloch 2008 | AA. Bibliography#Bloch 08]] | Item 39: Make defensive copies when needed and Item 11: Override clone judiciously | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a9beccfe6dcd913f-913fa74f-49484bfa-ae188e81-45d7c95ff40f5c8c83088910"><ac:plain-text-body><![CDATA[ | [[SCG 2007 | AA. Bibliography#SCG 07]] | Guideline 2-2 Support copy functionality for a mutable class | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="0c6eed9eb202aaff-ddf5000c-472f40e2-b0b6a3e6-a3df4de0672bde2f9ad941ad"><ac:plain-text-body><![CDATA[ | [[SCG 2009 | AA. Bibliography#SCG 09]] | Guideline 2-3 Support copy functionality for a mutable class | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="83914d83f71cca01-54109d5a-4c8046fc-88a285db-405ac5b660447c7cb83331f6"><ac:plain-text-body><![CDATA[ | [[Security 2006 | AA. Bibliography#Security 06]] | ]]></ac:plain-text-body></ac:structured-macro> |
...