Security checks based on untrusted sources can be bypassed. The untrusted object or parameter should be defensively copied before the security check is performed. The copy operation must be a deep copy; the implementation of the clone() method may produce a shallow copy, which can still be compromised. In addition, the implementation of the clone() method can be provided by the attacker. See guidelines VOID MET08-J. Do not use the clone method to copy untrusted method parameters and FIO00OBJ14-J. Defensively copy mutable inputs and mutable internal components for more information.
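The following added example (not code from the guideline itself) contrasts a copy made with clone() against a deep copy made through a trusted constructor, and shows which one still reflects the checked state after the caller mutates its input. The Request and HostileRequest classes, the allowed() check and the path values are hypothetical names constructed for this illustration.

```java
import java.util.ArrayList;
import java.util.List;

// Hypothetical non-final parameter type (an assumption for this example).
class Request implements Cloneable {
    private final List<String> paths;
    Request(List<String> paths) { this.paths = paths; }
    List<String> getPaths() { return paths; }
    @Override public Request clone() {
        try { return (Request) super.clone(); }  // shallow: the list is shared
        catch (CloneNotSupportedException e) { throw new AssertionError(e); }
    }
}

// Caller-supplied subclass whose clone() returns the same mutable instance.
class HostileRequest extends Request {
    HostileRequest(List<String> paths) { super(paths); }
    @Override public Request clone() { return this; }
}

public class DefensiveCopyDemo {
    // Hypothetical security check: only paths under /public/ are permitted.
    static boolean allowed(Request r) {
        return r.getPaths().stream().allMatch(p -> p.startsWith("/public/"));
    }

    // Weak: trusts clone(), which may be shallow or overridden by the caller.
    static Request copyWithClone(Request untrusted) { return untrusted.clone(); }

    // Hardened: new base-class instance plus a fresh list. String elements are
    // immutable, so copying the list is a deep copy for this type.
    static Request deepCopy(Request untrusted) {
        return new Request(new ArrayList<>(untrusted.getPaths()));
    }

    public static void main(String[] args) {
        List<String> shared = new ArrayList<>(List.of("/public/a.txt")); // constructed input
        Request untrusted = new HostileRequest(shared);

        Request weak = copyWithClone(untrusted);
        Request safe = deepCopy(untrusted);
        boolean weakOk = allowed(weak), safeOk = allowed(safe);

        shared.set(0, "/private/key");  // caller changes its object after both checks

        System.out.println("clone copy: checked=" + weakOk + " paths now=" + weak.getPaths());
        System.out.println("deep copy:  checked=" + safeOk + " paths now=" + safe.getPaths());
    }
}
```

Both copies pass the check, but only the deep copy still holds the value that was checked; the check and every later use must operate on that copy, never on the original parameter.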
...