| Wiki Markup |
|---|
In a JVM, a class is identified by its fully qualified class name and its Classloader. A class with the same name but a different package name is different, and a class with the same fully qualified name but which has been loaded with a different Classloader is also different. "Two classes are the same class (and therefore the same type) if they are loaded by the same class loader and they have the same fully qualified name" \[[JVMSpec 99|AA. Java References#JVMSpec 99]\] [§2.8.1\ Class Names|http://java.sun.com/docs/books/jvms/second_edition/html/Concepts.doc.html]. |
One may frequently want to know whether a given object has a specific class or whether two objects have the same class, for example, in implementing the equals() method. If the comparison is performed incorrectly, your code might assume that two objects are of the same class when they're not.
...
| Code Block | ||
|---|---|---|
| ||
// determine whether objects x and y have same class
if (x.getClass() == y.getClass()) {
// code determines whether objects have same class
}
|
| Wiki Markup |
|---|
The class objects will only be equal when they have the same class as defined in \[[JVMSpec 99|AA. Java References#JVMSpec 99]\] and repeated above. |
Risk Assessment
Incorrectly comparing classes using their names could give an attacker's class undesirable privileges.
...