...
According to [JNI Tips], section "Local and Global References", references in native code to the same object may have different values. Return values from the NewGlobalRef()
function when applied to the same object may be differentdiffer from each other. Consequently, object references are not necessarily constant or unique. Object references should never be compared using == in native code; instead use the IsSameObject
functionor !=
in native code. When testing for object equality, the IsSameObject()
function should be used instead of ==
.
Noncompliant Code Example
...
If it is assumed that an object reference is constant or unique then erroneous results may be obtained that could lead to the app crashing. This, in turn, could be used to mount a denial or -of-service attack.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
JNI02-J | Low | Probable | High | P2 | L3 |
...