| Warning | ||
|---|---|---|
| ||
This guideline has been labeled void and designated for future elimination from the Cert Oracle Secure Coding Standard for Java. This guideline has not been erased yet in case it contains information that might still be useful. |
A non-empty array is always mutable, so Exposing a public static final array makes no sense; clients will be able object allows clients to modify the contents of the array object (although they will not be able to change the array object itself, as it is final).
Noncompliant Code Example
| Code Block | ||
|---|---|---|
| ||
public static final SomeType [] SOMETHINGS = { ... };
|
With this declaration, SOMETHINGS[1], etc. can be modified by clients of the code.
Compliant Solution
One approach is to have a private array and a public method that returns a copy of the array:
| Code Block | ||
|---|---|---|
| ||
private static final SomeType [] SOMETHINGS = { ... };
public static final SomeType [] somethings() {
return SOMETHINGS.clone();
}
|
Now, the original array values cannot be modified by a client.
Compliant Solution 2
An alternative approach is to have a private array from which a public immutable list is contructed:
| Code Block | ||
|---|---|---|
| ||
private static final SomeType [] THE_THINGS = { ... };
public static final List<SomeType> SOMETHINGS =
Collections.unmodifiableList(Arrays.asList(THE_THINGS));
|
Now, neither the original array values nor the public list can be modified by a client.
Risk Assessment
Having a public static final array is a potential security risk, as the array elements may be modified by a client.
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
SEC37-J | medium | likely | low | P18 | L1 |
Automated Detection
TODO
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
References
[JLS 2006] Section 6.6, Access Control
[Bloch 2008] Item 13: Minimize the accessibility of classes and members
...