...
| Code Block | ||
|---|---|---|
| ||
// java.util.ArrayList is mutable and non-final
public void copyNonFinalInput(ArrayList list) {
// create new instance of declared input type
list = new ArrayList(list);
doLogic(list);
}
// java.util.Collection is an interface
public void copyInterfaceInput(Collection collection) {
// convert input to trusted implementation
collection = new ArrayList(collection);
doLogic(collection);
}
|
Exceptions
EX1: It is allowable to forgo defensive copying using the clone() method in cases where the class can be subclassed by untusted code. This is because malicious code may return a crafted object when the object's clone() method is invoked.
Risk Assessment
Failing to create a copy of a mutable input may enable an attacker to exploit a TOCTOU vulnerability.
...