The enhanced for
statement is designed for iteration through Collections and arrays.
The The Java Language Specification (JLS) provides the following example of the enhanced for
statement in §14.14.2, "The Enhanced for
Statement" [JLS 2014]:
...
Unlike the basic for
statement, assignments to the loop variable fail to affect the loop's iteration order over the underlying set of objects. Consequently, an assignment to the loop variable is equivalent to modifying a variable local to the loop body whose initial value is the object referenced by the loop iterator. This modification is not necessarily erroneous , but can obscure the loop functionality or indicate a misunderstanding of the underlying implementation of the enhanced for
statement.
Declare all enhanced for
statement loop variables final. The final
declaration causes Java compilers to flag and reject any assignments made to the loop variable.
...
This noncompliant code example attempts to process a collection of integers using an enhanced for
loop. It further intends to modify one item in the collection for processing:
Code Block | ||||
---|---|---|---|---|
| ||||
List<Integer> list = Arrays.asList(new Integer[] {13, 14, 15}); boolean first = true; System.out.println("Processing list..."); for (Integer i: list) { if (first) { first = false; i = new Integer(99); } System.out.println(" New item: " + i); // processProcess i } System.out.println("Modified list?"); for (Integer i: list) { System.out.println("List item: " + i); } |
However, this code does not actually modify the list, as shown by the program's output:
...
Declaring i
to be final mitigates this problem , by causing the compiler to fail to permit i
to be assigned a new value.:
Code Block | ||||
---|---|---|---|---|
| ||||
// ... for (final Integer i: list) { // ... |
...
This compliant solution processes the '"modified' " list , but leaves the actual list unchanged.:
Code Block | ||||
---|---|---|---|---|
| ||||
// ... for (final Integer i: list) { Integer item = i; if (first) { first = false; item = new Integer(99); } System.out.println(" New item: " + item); // processProcess item } // ... |
Risk Assessment
Assignments to the loop variable of an enhanced for
loop (for-each
idiom) fail to affect the overall iteration order, lead to programmer confusion, and can leave data in a fragile or inconsistent state.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DCL02-J |
Low |
Unlikely |
Low | P3 | L3 |
Automated Detection
This rule is easily enforced with static analysis.
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Parasoft Jtest |
| CERT.DCL02.ITMOD | Do not modify collection while iterating over it |
Bibliography
...
...