Arrays do not override the Object.equals() method; rather, the implementation of the equals() method for arrays compares the an array's references rather than its contents. To compare the contents of the two arrays. Use , use the two-argument Arrays.equals() method to compare the contents of two arrayisntead. When intentionally testing reference equality, use the reference equality operators, == and !=; inappropriate . Inappropriate use of the equals() method may can lead to unexpected results.
...
The Coverity Prevent Version 5.0 BAD_EQ checker can detect the instance where the " == " operator is being used for equality of objects when, ideally, equals() should have been used. The " == " operator could consider the objects to be different when , whereas the equals() considers method would consider them to be the same.
Static detection of attempts to use array_object.equals(...) appears to be straightforward.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
Bibliography
| Wiki Markup |
|---|
\[[API 2006|AA. Bibliography#API 06]\] [Class {{Arrays}}|http://download.oracle.com/javase/6/docs/api/java/util/Arrays.html] |
...