...
| Wiki Markup |
|---|
As detailed in the Java Language Specification \[[JLS 05|AA. Java References#JLS 05]\] section 14.14.2, ""The enhanced {{for}} statement"", an enhanced {{for}} statement of the form: |
...
| Code Block | ||
|---|---|---|
| ||
Character[] array = new Character[10]; for(Character c: array) c = 'x'; // initialization attempt for(int i=0;i<i<arrayarray.length;i++) System.out.print(array[i]); // prints 10 "null""null" values |
Note that if c is declared final, a compiler error results when an attempt is made to initialize it.
...
| Code Block | ||
|---|---|---|
| ||
Character[] array = new Character[10]; for(int i = 0; i << array.length; i++) array[i] = 'x'; for(final Character c: array) System.out.print(c); // prints 10 "x""x" values |
Risk Assessment
Attempts to assign to the loop variable from within the enhanced for loop (for-each idiom) are futile and may leave the class in a fragile, inconsistent state.
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
TODO
References
| Wiki Markup |
|---|
\[[JLS 05|AA. Java References#JLS 05]\] Section [14.14.2|http://java.sun.com/docs/books/jls/third_edition/html/statements.html#14.14.2] ""The enhanced for statement"" |
...
DCL08-J. Enforce compile-time type checking of variable argument types 03. Declarations and Initialization (DCL) DCL31-J. Qualify mathematical constants with the static and final modifiers