org.sonar.l10n.java.rules.java.S2384.html Maven / Gradle / Ivy
Why is this an issue?
Mutable objects are those whose state can be changed. For instance, an array is mutable, but a String is not. Private mutable class members should
never be returned to a caller or accepted and stored directly. Doing so leaves you vulnerable to unexpected changes in your class state.
Instead use an unmodifiable Collection (via Collections.unmodifiableCollection,
Collections.unmodifiableList, …) or make a copy of the mutable object, and store or return the copy instead.
This rule checks that private arrays, collections and Dates are not stored or returned directly.
Noncompliant code example
class A {
private String [] strings;
public A () {
strings = new String[]{"first", "second"};
}
public String [] getStrings() {
return strings; // Noncompliant
}
public void setStrings(String [] strings) {
this.strings = strings; // Noncompliant
}
}
public class B {
private A a = new A(); // At this point a.strings = {"first", "second"};
public void wreakHavoc() {
a.getStrings()[0] = "yellow"; // a.strings = {"yellow", "second"};
}
}
Compliant solution
class A {
private String [] strings;
public A () {
strings = new String[]{"first", "second"};
}
public String [] getStrings() {
return strings.clone();
}
public void setStrings(String [] strings) {
this.strings = strings.clone();
}
}
public class B {
private A a = new A(); // At this point a.strings = {"first", "second"};
public void wreakHavoc() {
a.getStrings()[0] = "yellow"; // a.strings = {"first", "second"};
}
}
Resources
- CWE - CWE-374 - Passing Mutable Objects to an Untrusted Method
- CWE - CWE-375 - Returning a Mutable Object to an Untrusted Caller
- CERT, OBJ05-J. - Do not return references to private mutable class members
- CERT, OBJ06-J. - Defensively copy mutable inputs and mutable internal components
- CERT, OBJ13-J. - Ensure that references to mutable objects are not exposed
© 2015 - 2024 Weber Informatics LLC | Privacy Policy