Reuse of identifier names in subscopes leads to obscuration or shadowing. The Reused identifiers in the current scope can render those defined elsewhere inaccessible. While Although the Java Language Specification (JLS) [JLS 2013] clearly resolves any syntactic ambiguity arising from obscuring or shadowing, such ambiguity burdens code maintainers and auditors, especially when code requires access to both the original named entity and the inaccessible one. The problem is aggravated exacerbated when the reused name is defined in a different package.unmigrated-wiki-markup
According to [§6.3.2|http://java.sun.com/docs/books/jls/third_edition/html/names.html#6.3.2], "Obscured Declarations" of the _Java Language Specification_ \[[JLS 2005|AA. Bibliography#JLS 05]\] §6.4.2, "Obscuring," of the JLS [JLS 2013],
A simple name may occur in contexts where it may potentially be interpreted as the name of a variable, a type, or a package. In these situations, the rules of §6§6.5 specify that a variable will be chosen in preference to a type, and that a type will be chosen in preference to a package.
This implies that a variable can obscure a type or a package, and a type can obscure a package name. Shadowing, on the other hand, refers to one variable rendering another variable inaccessible in a containing scope. One type can also shadow another type.
No identifier should obscure or shadow another identifier in a containing scope. For instanceexample, a local variable should not reuse the name of a class field or method , or the a class name or package name. Similarly, an inner class name should not reuse the name of an outer class or package.
Both overriding and shadowing differ from hiding, in which an accessible member (typically non-privatenonprivate) that should have been inherited by a subclass is replaced by a locally declared subclass member that assumes the same name but has a different, incompatible method signature.
Noncompliant Code Example (Field Shadowing)
This noncompliant code example reuses the name of the val
instance field in the scope of an instance method. This behavior can be classified as shadowing.
Code Block | ||
---|---|---|
| ||
class MyVector {
private int val = 1;
private void doLogic() {
int val;
//...
}
}
|
The resulting behavior can be classified as shadowing; the method variable renders the instance variable inaccessible within the scope of the method. For example, assigning to val
from within the method does not affect the value of the instance variable, although assigning to this.val
from within the method does.
Compliant Solution (Field Shadowing)
This compliant solution eliminates shadowing by changing the name of the variable defined in the method scope . from val
to newValue
:
Code Block | ||
---|---|---|
| ||
class MyVector {
private int val = 1;
private void doLogic() {
int newValue;
//...
}
}
|
Noncompliant Code Example (Variable Shadowing)
This example is noncompliant because the variable i
defined in the scope of the second for
loop block , shadows the definition of the instance variable i
, which is defined in the scope of the doLogic()
method. MyVector
class:
Code Block | ||
---|---|---|
| ||
class MyVector { private int voidi doLogic() {= 0; private void int i = 0;doLogic() { for (i = 0; i < 10; i++) {/* ... */} for (int i = 0; i < 20; i++) {/* ... */} } } |
Compliant Solution (Variable Shadowing)
In this compliant solution, the loop counter i
is defined in the scope of each for
loop block.:
Code Block | ||
---|---|---|
| ||
class MyVector {
private void doLogic() {
for (int i = 0; i < 10; i++) {/* ... */}
for (int i = 0; i < 20; i++) {/* ... */}
}
}
|
...
Applicability
Name reuse makes code more difficult to read and maintain. This , which can result in security weaknesses.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DCL15-J | low | unlikely | medium | P2 | L3 |
Automated Detection
An automated tool can easily detect reuse of names identifiers in containing scopes.
Related Guidelines
C Secure Coding Standard: "DCL01-C. Do not reuse variable names in subscopes"
C++ Secure Coding Standard: "DCL01-CPP. Do not reuse variable names in subscopes"
Bibliography
Wiki Markup |
---|
\[[JLS 2005|AA. Bibliography#JLS 05]\]
[§6.3.2|http://java.sun.com/docs/books/jls/third_edition/html/names.html#6.3.2] "Obscured Declarations"
[§6.3.1|http://java.sun.com/docs/books/jls/third_edition/html/names.html#6.3.1] "Shadowing Declarations"
[§7.5.2|http://java.sun.com/docs/books/jls/third_edition/html/packages.html#7.5.2] "Type-Import-On_Demand Declaration"
[§14.4.3|http://java.sun.com/docs/books/jls/third_edition/html/statements.html#14.4.3] "Shadowing of Names by Local Variables" |
Wiki Markup |
---|
\[[Bloch 2005|AA. Bibliography#Bloch 05]\] Puzzle 67: All Strung Out
\[[Bloch 2008|AA. Bibliography#Bloch 08]\] Item 16: Prefer interfaces to abstract classes
\[[Kabanov 2009|AA. Bibliography#Kabanov 09]\]
\[[Conventions 2009|AA. Bibliography#Conventions 09]\] 6.3 Placement
\[[FindBugs 2008|AA. Bibliography#FindBugs 08]\] |
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Parasoft Jtest |
| CERT.DCL51.HMF | Do not give method local variables and parameters the same name as class fields | ||||||
SonarQube |
| HiddenFieldCheck |
Bibliography
Puzzle 67, "All Strung Out" | |
Item 16, "Prefer Interfaces to Abstract Classes" | |
§6.3, "Placement" | |
[JLS 2013] | §6.4.1, "Shadowing" |
...
MET17-J. Do not increase the accessibility of overridden or hidden methods OBJ17-J. Do not expose sensitive private members of an outer class from within a nested class