In a JVM a class is identified by its fully-qualified class name AND its classloader. A class with the same name but different package name is different, and a class with the same fully-qualified name but which has been loaded with a different classloader is also different. "Two classes are the _same class_ (and therefore the _same type_) if they are loaded by the same class loader and they have the same fully qualified name" \[JVMSpec 99 §2.8.1\].
You may frequently want to know whether a given object has a specific class, or whether 2 objects have the same class, for example, in implementing the equals() method. If the comparison is performed incorrectly, your code might assume that 2 objects are of the same class when they're not.
...
In this non-compliant solution, the code compares the name of the class of object h to the string "DefaultAuthenticationHandler", and proceeds according to whether this comparison succeeds or not.
```java
// determine whether object h has required/expected class name
if (h.getClass().getName().equals("com.example.application.auth.DefaultAuthenticationHandler")) {
    // code assumes it's an authorized class
}
```
...
In this compliant solution, we compare the class object of h itself to the class object of the class that the current class loader would load with our required name.
```java
// determine whether object h has required/expected class
// (getClassLoader() is a method of Class, so go through this.getClass())
if (h.getClass() == this.getClass().getClassLoader().loadClass("com.example.application.auth.DefaultAuthenticationHandler")) {
    // code determines authorized class loaded by same classloader
}
```
...
This code compares the names of the 2 classes of objects x and y and behaves accordingly.
```java
// determine whether objects x and y have same class name
if (x.getClass().getName().equals(y.getClass().getName())) {
    // code assumes objects have same class
}
```
...
This compliant solution correctly compares the 2 objects' classes.
```java
// determine whether objects x and y have same class
if (x.getClass() == y.getClass()) {
    // code determines objects have same class
}
```
...
\[JVMSpec 99\] [§2.8.1 Class Names](http://java.sun.com/docs/books/jvms/second_edition/html/Concepts.doc.html)
\[Christudas 05\]
\[Mcgraw 98\]
\[Wheeler 03\] [Java](http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/java.html)
...