...
An untrusted invoker may call the mutator method setArray(), and violate the object's immutability property. Invoking the getter method getArray() also allows modification of the private internal state of the class. This class also violates OBJ05-J. Defensively copy private mutable class members before returning their references.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
class MutableProtector extends Mutable {
@Override
public int[] getArray() {
return super.getArray().clone();
}
}
// ...
private Mutable mutable = new MutableProtector();
// May be safely invoked by untrusted caller having read ability
public Mutable getMutable() {return mutable;} |
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
class MutableProtector extends Mutable {
@Override
public public int[] getArray() {
return super.getArray().clone();
}
@Override
public void setArray(int[] i) {
throw new UnsupportedOperationException();
}
}
// ...
private Mutable mutable = new MutableProtector();
// May be safely invoked by untrusted caller having read ability
public Mutable getMutable() {return mutable;}
|
...