Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

If the method changeValue is called in this case, the lock is obtained on a private Object that is both invisible and inaccessible from the caller. The this instance is not vulnerable from denial-of-service attack. Thread-safe class may be protected in this way by using the private lock object idiom.

The detailed way of using private object lock can refer to CON36-J. Always synchronize on the appropriate object.

Risk Assessment

Synchronizing on the whole instance can result in Denial-of-service and private object lock is preferred when possible.

...