Arrays do not override class Object's equals() method. Consequently, the default implementation of the equals() method simply compares the array references instead of the contents of the arrays. If only the references need to be compared, it is better to use relational operators, such as == and !=. Vulnerabilities can result, for instance, when two arrays containing signers are compared incorrectly.
...
| Code Block | ||
|---|---|---|
| ||
Arrays.equals(arr1, arr2); // true |
Risk Assessment
Using the equals() method or relational operators to compare array contents can produce incorrect results.
...