...
This noncompliant code example exemplifies demonstrates how a malicious subclass Sub can both override the doLogic() method of the superclass and also increase the accessibility of the overriding method. Any user of Sub will be able to invoke the doLogic method as because the base class BadScope defines it with the to be protected access modifier. The class Sub can allow more access than BadScope Class Sub increases the accessibility of doLogic by declaring its own version of the doLogic() method {{public}method to be public.
| Code Block | ||
|---|---|---|
| ||
class BadScope {
protected void doLogic() {
System.out.println("Super invoked");
}
}
public class Sub extends BadScope {
public void doLogic() {
System.out.println("Sub invoked");
// Do sensitive operations
}
}
|
...