...
```java
import java.util.Hashtable;

public class MutableHolder {
  private Hashtable<Integer, String> value; // not final

  // Returns the internal table itself, so callers can modify it
  public Object getValue() {
    return value;
  }

  // Stores the caller's reference without copying it
  public void setValue(Hashtable<Integer, String> ht) {
    value = (Hashtable<Integer, String>)ht;
  }
}
```
This example also violates OBJ37-J. Defensively copy private mutable class members before returning their references.
...
```java
import java.util.Hashtable;

public class ImmutableHolder {
  private final Hashtable<Integer, String> value;

  // create defensive copy of inputs
  public ImmutableHolder(Hashtable<Integer, String> ht) {
    value = (Hashtable<Integer, String>)ht.clone();
  }

  // create defensive copy while returning
  public Object getValue() {
    return value.clone();
  }
}
```
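What a caller that keeps its own reference can and cannot change under each pattern, as an added example that is not part of the original page. `AliasingDemo`, `SharingHolder` and `CopyingHolder` are hypothetical names, the sample entries are constructed, and the `Hashtable` copy constructor is used here in place of `clone()`.

```java
import java.util.Hashtable;

// Added illustration; all class names and sample values are assumptions.
public class AliasingDemo {

  // Stores and returns the caller's reference directly (the noncompliant pattern).
  static final class SharingHolder {
    private Hashtable<Integer, String> value;
    void setValue(Hashtable<Integer, String> ht) { value = ht; }
    Hashtable<Integer, String> getValue() { return value; }
  }

  // Copies on the way in and on the way out (the compliant pattern).
  static final class CopyingHolder {
    private final Hashtable<Integer, String> value;
    CopyingHolder(Hashtable<Integer, String> ht) {
      // Shallow copy: sufficient only because Integer and String are immutable.
      value = new Hashtable<>(ht);
    }
    Hashtable<Integer, String> getValue() { return new Hashtable<>(value); }
  }

  public static void main(String[] args) {
    Hashtable<Integer, String> input = new Hashtable<>();
    input.put(1, "admin");

    SharingHolder sharing = new SharingHolder();
    sharing.setValue(input);
    CopyingHolder copying = new CopyingHolder(input);

    // The caller changes its own table after handing it over.
    input.put(1, "guest");
    // The caller modifies whatever each getter returned.
    sharing.getValue().put(2, "extra");
    copying.getValue().put(2, "extra");

    // Both changes reach the sharing holder's internal state.
    if (!"guest".equals(sharing.getValue().get(1)) || sharing.getValue().size() != 2) {
      throw new AssertionError("expected the sharing holder to be modified");
    }
    // Neither change reaches the copying holder's internal state.
    if (!"admin".equals(copying.getValue().get(1)) || copying.getValue().size() != 1) {
      throw new AssertionError("expected the copying holder to be unchanged");
    }
    System.out.println("sharing: " + sharing.getValue());
    System.out.println("copying: " + copying.getValue());
  }
}
```

If the table held mutable values, a shallow copy (from `clone()` or the copy constructor) would still share those value objects with the caller, and each value would need its own copy.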
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...