If security checks are based on untrusted sources, it becomes possible to bypass them: the caller keeps a reference to the object it passed in and can change it after the check has passed but before the value is used. It is recommended to defensively copy the untrusted object or parameter before the security check is carried out, and to perform both the check and all subsequent use on that private copy. For this purpose deep copies must be created, as opposed to using the clone() method to create shallow copies (MET39-J. Do not use the clone method to copy untrusted method parameters). Also see the related guideline FIO31FIO00-J. Defensively copy mutable inputs and mutable internal components.
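The following is an added example, not code from the CERT page, showing why a shallow clone() does not protect a security check while a deep copy does. The `Request` class, its `hosts` field, the `ALLOWED` host set and the `connectShallow`/`connectDeep` methods are all assumed names constructed for this illustration.

```java
import java.util.Arrays;
import java.util.Set;

// Added example (not from the CERT guideline): a mutable parameter object whose
// reference-typed field stays shared with the caller after Object.clone().
public class DefensiveCopyDemo {

    /** Hypothetical request type holding a mutable array supplied by the caller. */
    static final class Request implements Cloneable {
        String[] hosts;

        Request(String[] hosts) { this.hosts = hosts; }

        // Shallow copy: the new Request object still points at the SAME String[]
        // as the original, so the caller can alter it after our check.
        @Override
        public Request clone() {
            try {
                return (Request) super.clone();
            } catch (CloneNotSupportedException e) {
                throw new AssertionError(e); // Cloneable is implemented, cannot happen
            }
        }

        // Deep copy: the array itself is duplicated. String elements are immutable,
        // so copying the array is deep enough; a field holding mutable elements
        // would need to be copied one level further down.
        Request deepCopy() { return new Request(this.hosts.clone()); }
    }

    // Constructed allow-list of hosts this component may talk to.
    static final Set<String> ALLOWED = Set.of("db.internal", "cache.internal");

    static boolean allAllowed(String[] hosts) {
        for (String h : hosts) {
            if (!ALLOWED.contains(h)) return false;
        }
        return true;
    }

    // Weak form: the check runs on a shallow clone whose hosts[] is still shared
    // with the caller, so data used after the check may differ from what was checked.
    static String[] connectShallow(Request r) {
        Request copy = r.clone();
        if (!allAllowed(copy.hosts)) throw new SecurityException("host not allowed");
        return copy.hosts; // same array object the caller still holds
    }

    // Hardened form: deep-copy first, then check and use only the private copy.
    static String[] connectDeep(Request r) {
        Request copy = r.deepCopy();
        if (!allAllowed(copy.hosts)) throw new SecurityException("host not allowed");
        return copy.hosts; // array no longer reachable from the caller
    }

    public static void main(String[] args) {
        String[] callerArray = {"db.internal"};
        Request request = new Request(callerArray);

        String[] checkedShallow = connectShallow(request);
        String[] checkedDeep = connectDeep(request);

        // Caller (or another thread) mutates its array after both checks passed.
        callerArray[0] = "attacker.example";

        System.out.println("shallow copy now sees: " + Arrays.toString(checkedShallow));
        System.out.println("deep copy still holds:  " + Arrays.toString(checkedDeep));
        System.out.println("shallow copy still passes check? " + allAllowed(checkedShallow));
        System.out.println("deep copy still passes check?    " + allAllowed(checkedDeep));
    }
}
```

Running `main` shows the shallow copy reflecting the post-check change while the deep copy keeps the value that was actually validated; the same reasoning applies to any reference-typed field (collections, dates, nested objects), where the copy must descend as far as the deepest mutable component.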
...