...
It is unreasonable to assume that classes that use immutable objects are themselves immutable.
Noncompliant Code Example
This noncompliant code example published the helper field prematurely through the getHelper() method. Multiple threads may initialize the field, making class Foo mutable.
...
If the Helper class is immutable, it cannot be changed after it is initialized and will always be properly constructed. However, this does not prevent a thread from accessing the helper field of class Foo such that it misses observing the most recent value set by some other thread.
Compliant Solution
This compliant solution synchronizes the methods of class Foo to ensure that no thread sees a partially initialized helper.
| Code Block | ||
|---|---|---|
| ||
class Foo {
private Helper helper;
public synchronized Helper getHelper() {
return helper;
}
public synchronized void initialize(int num) {
helper = new Helper(num);
}
}
|
Risk Assessment
The assumption that classes containing immutable objects are immutable is misleading and can cause serious thread-safety issues.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
CON28-J | low | probable | medium | P4 | L2 |
Automated Detection
TODO
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
| Wiki Markup |
|---|
\[[API 06|AA. Java References#API 06]\] \[[JPL 06|AA. Java References#JPL 06]\], 14.10.2. Final Fields and Security: |
...