Comment: Edited by sciSpider Java v3.0

...

Code Block
import java.util.Hashtable;

public class MutableHolder {
  private Hashtable<Integer, String> value; // not final
  // returns the internal reference, so callers can modify the holder's state
  public Object getValue() { return value; }
  // stores the caller's reference without copying it
  public void setValue(Hashtable<Integer, String> ht) {
    value = (Hashtable<Integer, String>)ht;
  }
}

This example also violates OBJ37-J. Defensively copy private mutable class members before returning their references.

...

Code Block
import java.util.Hashtable;

public class ImmutableHolder {
  private final Hashtable<Integer, String> value;

  // create defensive copy of inputs
  @SuppressWarnings("unchecked") // clone() returns Object
  public ImmutableHolder(Hashtable<Integer, String> ht) { value = (Hashtable<Integer, String>)ht.clone(); }

  // create defensive copy while returning
  public Object getValue() { return value.clone(); }

}
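The defensive copies above are sufficient because `Integer` and `String` are immutable; `Hashtable.clone()` is a shallow copy that duplicates the table but not its keys or values. The following added example (not part of the original page) goes beyond the page's case to tables with mutable values; the `DeepCopyHolder` class and the `StringBuilder` value type are hypothetical names chosen for illustration.

```java
import java.util.Hashtable;
import java.util.Map;

public class DefensiveCopyDemo {

  // Hypothetical holder whose values are mutable, so clone() alone is not enough.
  static final class DeepCopyHolder {
    private final Hashtable<Integer, StringBuilder> value;

    DeepCopyHolder(Hashtable<Integer, StringBuilder> ht) { value = deepCopy(ht); }

    Hashtable<Integer, StringBuilder> getValue() { return deepCopy(value); }

    // Copy the table structure and every mutable value object.
    private static Hashtable<Integer, StringBuilder> deepCopy(
        Hashtable<Integer, StringBuilder> src) {
      Hashtable<Integer, StringBuilder> copy = new Hashtable<>();
      synchronized (src) { // hold the table's own lock so the copy is consistent
        for (Map.Entry<Integer, StringBuilder> e : src.entrySet()) {
          copy.put(e.getKey(), new StringBuilder(e.getValue()));
        }
      }
      return copy;
    }
  }

  public static void main(String[] args) {
    // Constructed sample input.
    Hashtable<Integer, StringBuilder> input = new Hashtable<>();
    input.put(1, new StringBuilder("admin"));

    // Shallow copy, as Hashtable.clone() produces: new table, same value objects.
    @SuppressWarnings("unchecked")
    Hashtable<Integer, StringBuilder> shallow =
        (Hashtable<Integer, StringBuilder>) input.clone();
    DeepCopyHolder holder = new DeepCopyHolder(input);

    // The caller keeps its reference and mutates it after handing it over.
    input.put(2, new StringBuilder("added later")); // structural change
    input.get(1).append("-tampered");               // change to a shared value object

    System.out.println("shallow size:  " + shallow.size());
    System.out.println("shallow value: " + shallow.get(1));
    System.out.println("deep value:    " + holder.getValue().get(1));

    // Mutating what the getter returned must not reach the holder's state.
    holder.getValue().get(1).append("-x");
    System.out.println("after getter:  " + holder.getValue().get(1));
  }
}
```

The shallow copy is isolated from the structural change but still sees the appended text, because both tables reference the same `StringBuilder`; the deep-copying holder is unaffected by either mutation.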

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.


...
