Page History

MITRE 2009CWE

CWE ID 374, "Passing Mutable Objects to an Untrusted Method"

CWE ID 375, "Returning a Mutable Object to an Untrusted Caller"

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c1186243e01cc3d0-6f57f27a-40654e80-836ea3aa-3dd411ed7e0c6ba5adbe5e6b"><ac:plain-text-body><![CDATA[

[[API 2006

AA. Bibliography#API 06]]

[method clone()

http://java.sun.com/javase/6/docs/api/java/lang/Object.html#clone()]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="0c3757c47ef14af9-ac2a2b62-44c841ef-bb7f91fb-fe1d269fa7db73c6038eff3a"><ac:plain-text-body><![CDATA[

[[Bloch 2008

AA. Bibliography#Bloch 08]]

Item 39: Make defensive copies when needed and Item 11: Override clone judiciously

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="454b9d86ec4cdb97-20a1182f-498942cc-b61088da-200e2ea6133e5578a4356c72"><ac:plain-text-body><![CDATA[

[[SCG 2007

AA. Bibliography#SCG 07]]

Guideline 2-2 Support copy functionality for a mutable class

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="bd63dfd572ccc82e-368b0fe8-425341fd-9a9e8c26-f075aa982038b2d23e6aeaab"><ac:plain-text-body><![CDATA[

[[SCG 2009

AA. Bibliography#SCG 09]]

Guideline 2-3 Support copy functionality for a mutable class

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="3af893750e957a5b-41247477-401647d7-b4c9b8e2-c04390f2c4d2d179c00fc5b4"><ac:plain-text-body><![CDATA[

[[Security 2006

AA. Bibliography#Security 06]]

]]></ac:plain-text-body></ac:structured-macro>