...
In general, library methods should perform callee validation of their parameters for safety and security reasons. Such validity checks enable the method to survive some forms of improper usage; this improves reliability and security of applications that use the library. Further, callee validation often simplifies debugging when an invalid parameter is detected. Library methods that provide an interface between untrusted client code and trusted library code must perform callee validation of their parameters. Other methods, including private methods, should validate arguments that are both untrusted and unvalidated when those arguments that may propagate from a public API method via its arguments.
When defensive copying is necessary, make the defensive copies before parameter validation; validate the copies rather than the original parameters. See guideline SER07-J. Make defensive copies of private mutable components for additional information.
...