...
This compliant solution prevents a hostile caller from using a partially initialized instance of the class. In the noncompliant code example, the constructor of the BankOperations class's superclass is called implicitly from the BankOperations constructor, just before the check. This exposes the partially initialized object to the finalizer attack. In this compliant solution, the check is carried out before the superclass's constructor executes, which prevents hostile code from obtaining a partially initialized instance.
```java
public class BankOperations {
  public BankOperations() {
    this(performSSNVerification());
  }

  private BankOperations(boolean performSSNVerification) {
    // ...
  }

  private static boolean performSSNVerification() {
    // Returns true if data entered is valid, else throws a SecurityException
    // Assume that the attacker just enters invalid SSN; so this method always throws the exception
    throw new SecurityException("Invalid SSN!");
  }

  public void greet() {
    System.out.println("Welcome user! You may now use all the features.");
  }
}
```
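The ordering this solution relies on can be checked directly. The following is an added example, not code from the original page: it counts whether a superclass constructor runs when the check fails, once with the check in the constructor body and once with the check passed as the argument to `this(...)`. The names `ConstructionOrderDemo`, `Base`, `CheckAfterSuper`, `CheckBeforeSuper`, `verify` and `superRunsDuringFailedConstruction` are hypothetical.

```java
// Added illustration; all class and method names here are hypothetical.
public class ConstructionOrderDemo {
    // Incremented each time the superclass constructor executes.
    static int superConstructorRuns = 0;

    // Stands in for any superclass (including Object) whose constructor runs implicitly.
    static class Base {
        Base() { superConstructorRuns++; }
    }

    // Stand-in for performSSNVerification(): always rejects, as in the page's scenario.
    static boolean verify() {
        throw new SecurityException("Invalid SSN!");
    }

    // Noncompliant shape: the implicit super() runs first, then the check throws.
    static class CheckAfterSuper extends Base {
        CheckAfterSuper() {
            verify();
        }
    }

    // Compliant shape: the argument to this(...) is evaluated before any
    // superclass constructor is invoked, so a failed check stops construction early.
    static class CheckBeforeSuper extends Base {
        CheckBeforeSuper() { this(verify()); }
        private CheckBeforeSuper(boolean verified) { /* real initialization goes here */ }
    }

    // Returns how many times the superclass constructor ran during a rejected construction.
    static int superRunsDuringFailedConstruction(Runnable construct) {
        superConstructorRuns = 0;
        try {
            construct.run();
        } catch (SecurityException expected) {
            // Construction was rejected by the check.
        }
        return superConstructorRuns;
    }

    public static void main(String[] args) {
        System.out.println("check in constructor body:   super ran "
            + superRunsDuringFailedConstruction(CheckAfterSuper::new) + " time(s)");
        System.out.println("check in this(...) argument: super ran "
            + superRunsDuringFailedConstruction(CheckBeforeSuper::new) + " time(s)");
    }
}
```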
...