...
- Reuse the name of a superclass
- Reuse the name of an interface
- Reuse the name of a field defined in a superclass
- Reuse the name of a field that appears in the same method (in some different scope)
- Reuse the name of a field, type or another parameter across packages
Noncompliant Code Example
This noncompliant code example implements a class that reuses the name of the class java.util.Vector. It attempts to introduce a different condition for the isEmpty() method for interfacing with native legacy code, by overriding the corresponding method in java.util.Vector.
...
| Code Block | ||
|---|---|---|
| ||
class Vector {
private int val = 1;
public boolean isEmpty() {
if(val == 1) { //compares with 1 instead of 0
return true;
} else {
return false;
}
}
//other functionality is same as java.util.Vector
}
// import java.util.Vector; omitted
public class VectorUser {
public static void main(String[] args) {
Vector v = new Vector();
if(v.isEmpty()) {
System.out.println("Vector is empty");
}
}
}
|
Compliant Solution
This compliant solution declares the class Vector with a different name.
| Code Block | ||
|---|---|---|
| ||
class MyVector {
//other code
}
|
Noncompliant Code Example
This noncompliant code example reuses the name of the val instance field in the scope of an instance method. This behavior can be classified as shadowing.
| Code Block | ||
|---|---|---|
| ||
class Vector {
private int val = 1;
private void doLogic() {
int val;
//...
}
}
|
Compliant Solution
This solution eliminates shadowing by using a different name for the variable defined in method scope.
| Code Block | ||
|---|---|---|
| ||
private void doLogic() {
int newValue;
//...
}
|
Noncompliant Code Example
Method shadowing in different scopes becomes possible when two or more packages are used. Method shadowing is distinct from method overloading in that, subclasses are allowed to inherit overloadings defined in the base class. It differs from hiding in that the methods do not have to be declared static. It is also distinct from method overriding as exemplified in this noncompliant code example.
...
Note that class y.C is accessible from the package x and so is its doLogic() method. However, if the main() method defined in class A tries to polymorphically invoke y.doLogic() as shown, the override corresponding to class B in package x takes precedence. This is because the doLogic() methods in classes x.A and x.B are not visible from class y.C due to the default access specifier. As a result, the class x.C is not considered a part of the overriding hierarchy. Notably, the code behaves as expected if the access specifiers of all the methods are changed to public.
Compliant Solution
It is highly recommended that a different name be used so that it is clear that the class residing in another package is not meant to be a part of the overriding chain. A programmer can proceed to invoke methods on it by explicitly using the class name. Even when all the classes define methods with a public access specifier, it is better to avoid reusing names because an evolving class can limit method accessibility anytime in the future causing unexpected results.
| Code Block | ||
|---|---|---|
| ||
package x;
public class A {
void doLogic() {
// print 'A'
}
public static void main(String[] args) {
// explicitly invokes doSequence() of class y.C and prints 'C'
y.C.doSequence();
}
}
package x;
public class B { /* ... */ }
package y; // different package
public class C extends x.B {
public void doSequence() { // now renamed
// print 'C'
}
}
|
Exceptions
EX1: Reuse of names is permitted for trivial loop counter declarations in the same scope:
...
| Wiki Markup |
|---|
*EX2:* It is permissible to declare a label with the same name as another variable in the same scope. This is because there is no obscuration in this case \[[JLS 05|AA. Java References#JLS 05]\]. |
Risk Assessment
Reusing names leads to code that is harder to read and maintain and may result in security weaknesses.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
SCP03- J | low | unlikely | medium | P2 | L3 |
Automated Detection
TODO
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
This rule appears in the C Secure Coding Standard as DCL01-C. Do not reuse variable names in subscopes.
This rule appears in the C++ Secure Coding Standard as DCL01-CPP. Do not reuse variable names in subscopes.
References
| Wiki Markup |
|---|
\[[JLS 05|AA. Java References#JLS 05]\] 6.3.2 "Obscured Declarations", 6.3.1 "Shadowing Declarations", 14.4.3 "Shadowing of Names by Local Variables" \[[Bloch 08|AA. Java References#Bloch 08]\] Puzzle 67: All Strung Out \[[Kabanov 09|AA. Java References#Kabanov 09]\] \[[Conventions 09|AA. Java References#Conventions 09]\] 6.3 Placement \[[FindBugs 08|AA. Java References#FindBugs 08]\]: Nm: Class names shouldn't shadow simple name of implemented interface Nm: Class names shouldn't shadow simple name of superclass MF: Class defines field that masks a superclass field MF: Method defines a variable that obscures a field |
...