...
If the method changeValue
is called in this case, the lock is obtained on a private Object
that is both invisible and inaccessible from the caller. The this
instance is not vulnerable from denial-of-service attack. Thread-safe class may be protected in this way by using the private lock object idiom.
The detailed way of using private object lock can refer to CON36-J. Always synchronize on the appropriate object.
Risk Assessment
Synchronizing on the whole instance can result in Denial-of-service and private object lock is preferred when possible.
...