Malicious code vulnerability - May expose internal representation by returning reference to mutable object

礼貌的吻别 2021-01-01 12:56

Hi, I'm getting the violation as below:

Malicious code vulnerability - May expose internal representation by returning reference to mutable object

2 answers
  •  一个人的身影
    2021-01-01 13:06

    As the error message states, you're returning internal state (chkBox is - most likely - part of the internal state of an object even though you're not showing its definition).

    This can cause problems if you - for example - do

    String[] box = obj.chkBox();
    box[0] = null;
    

    Since an array object, as all Java objects, is passed by reference, this will change the original array stored inside your object as well.

    What you most likely want to do to fix this is a simple

    return (String[])chkBox.clone();
    

    which returns a copy of the array instead of the actual array.
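
The aliasing problem and the defensive-copy fix from the answer above, side by side. This is an added example, not code from the original post; the class names `LeakyForm` and `SafeForm`, the getter name and the sample values are assumptions. It goes one step beyond the answer by also copying the array on the way in through the constructor.

```java
import java.util.Arrays;

public class ExposeRepDemo {
    // Hypothetical class standing in for the asker's object (its definition is not on the page).
    static class LeakyForm {
        private final String[] chkBox = {"read", "write"};

        // Returns the internal array itself: any caller can rewrite this object's state.
        String[] getChkBox() {
            return chkBox;
        }
    }

    // Hardened variant: the internal array never escapes and is never shared.
    static class SafeForm {
        private final String[] chkBox;

        SafeForm(String[] initial) {
            // Copy on the way in, so the caller's array is not aliased either.
            this.chkBox = initial.clone();
        }

        // Copy on the way out. A shallow copy is enough here because String is
        // immutable; an array of mutable elements would need each element copied too.
        String[] getChkBox() {
            return chkBox.clone();
        }
    }

    public static void main(String[] args) {
        // Constructed sample values, for illustration only.
        LeakyForm leaky = new LeakyForm();
        leaky.getChkBox()[0] = null;          // writes through to the private field
        System.out.println("leaky: " + Arrays.toString(leaky.getChkBox()));

        String[] input = {"read", "write"};
        SafeForm safe = new SafeForm(input);
        input[1] = "admin";                   // changes only the caller's array
        safe.getChkBox()[0] = null;           // changes only the returned copy
        System.out.println("safe:  " + Arrays.toString(safe.getChkBox()));
    }
}
```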
