Java defines the equality operators == and != for testing reference equality, but uses the Object.equals() method and its children for testing abstract object equality. Naive programmers often confuse the intent of the == operation with that of the Object.equals() method. This confusion is frequently seen in the context of String processing.
As a general rule (subject to the exceptions below), use the Object.equals() method to check whether two objects are abstractly equal to each other. Reserve use of the equality operators == and != for testing whether two references specifically refer to the same object (this is reference equality). See also guideline MET13-J. Ensure that hashCode() is overridden when equals() is overridden.
When operating on numeric boxed types (for example, Byte, Character, Short, Integer, Long, Float, and Double), the numeric relational operators (such as <, <=, >, and >=) produce results that match those provided for arguments of the equivalent primitive numeric types. Specifically, the JLS requires auto-unboxing in this case, which results in comparison of the numeric values contained in the boxed objects. (See JLS Section 5.6.2, "Binary Numeric Promotion".) But when both arguments of an equality operator (for example, == or !=) are of a numeric boxed type, the operation is a reference comparison rather than the anticipated numeric comparison, which can produce unexpected results. (See guideline EXP03-J. Avoid the equal and not equal operators when comparing values of boxed primitives.)
Noncompliant Code Example
The reference equality operator == evaluates to true only when the values it compares reference the same underlying object. This noncompliant example declares two distinct String objects that contain the same value. The references, however, are unequal because they reference distinct objects.
...
Reference equality produces the desired result when comparing string literals (for example, String one = "one"; and String two = "two";) or when the intern method has been used on both strings.
When a task requires both keeping only one copy of each string in memory and performing quick repeated string comparisons, this compliant solution may be used.
...
Use this approach with care; performance and clarity could be better served by use of code that applies the Object.equals() approach and lacks a dependence on reference equality.
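The String cases above and the boxed-type case from the introduction, side by side, as an added example that is not part of the original guideline's code. The class name, method names and the "admin" role value are hypothetical, and the Integer lines assume the default autoboxing cache range of -128 to 127.

```java
public class EqualityDemo {
    // Hypothetical role check written three ways.
    static boolean isAdminByReference(String role) {
        return role == "admin";          // noncompliant: compares references
    }

    static boolean isAdminByValue(String role) {
        return "admin".equals(role);     // compares contents; null-safe
    }

    static boolean isAdminInterned(String role) {
        // Literals are interned, so interning the input makes == meaningful.
        return role != null && role.intern() == "admin";
    }

    public static void main(String[] args) {
        // Constructed input: assembled at run time, so it is a different
        // object from the "admin" literal although the characters match.
        String role = new StringBuilder("ad").append("min").toString();

        System.out.println("==       : " + isAdminByReference(role));
        System.out.println("equals() : " + isAdminByValue(role));
        System.out.println("intern() : " + isAdminInterned(role));

        // Boxed numerics: <= and >= unbox and compare values, while ==
        // compares the two Integer references.
        Integer a = 1000, b = 1000;
        System.out.println("a <= b && a >= b : " + (a <= b && a >= b));
        System.out.println("a == b           : " + (a == b));
        System.out.println("a.equals(b)      : " + a.equals(b));

        // Autoboxing reuses cached objects for -128..127, so == on small
        // values hides the defect until a larger value arrives.
        Integer c = 100, d = 100;
        System.out.println("c == d (cached)  : " + (c == d));
    }
}
```

With default JVM settings, == reports false for the run-time string and for the two boxed 1000 values, and true only for the cached value 100, which is why tests that use small numbers or literal strings tend to miss this defect.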
...
EXP01-EX1: Use of reference equality in place of object equality is permitted only when the defining classes guarantee the existence of, at most, one object instance for each possible object value. This generally requires that instances of such classes are immutable. The use of static factory methods rather than public constructors facilitates instance control; this is a key enabling technique.
...
The Coverity Prevent Version 5.0 BAD_EQ checker can detect the instance where the "==" operator is being used for equality of objects when, ideally, the equals method should have been used. The "==" operator could consider objects different when the equals method considers them the same.
...
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
Related Guidelines
MITRE CWE: CWE-595 "Incorrect Syntactic Object Comparison"
MITRE CWE: CWE-597 "Use of Wrong Operator in String Comparison"
Bibliography
[FindBugs 2008] ES: Comparison of String objects using == or !=
[JLS 2005] Section 3.10.5 (http://java.sun.com/docs/books/jls/third_edition/html/lexical.html#3.10.5), "String Literals" and Section 5.6.2 (http://java.sun.com/docs/books/jls/third_edition/html/conversions.html#5.6.2), "Binary Numeric Promotion"
[MITRE 2009] CWE ID 595 (http://cwe.mitre.org/data/definitions/595.html) "Incorrect Syntactic Object Comparison", CWE ID 597 (http://cwe.mitre.org/data/definitions/597.html) "Use of Wrong Operator in String Comparison"