[jira] [Commented] (NUTCH-2812) Methods returning array may expose internal representation

ASF GitHub Bot (Jira) Tue, 17 Sep 2024 08:19:08 -0700


    [ 
https://issues.apache.org/jira/browse/NUTCH-2812?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17882442#comment-17882442
 ]


ASF GitHub Bot commented on NUTCH-2812:
---------------------------------------

sebastian-nagel commented on PR #798:
URL: https://github.com/apache/nutch/pull/798#issuecomment-2356188861

   Thanks, @GabeHaegele!




> Methods returning array may expose internal representation
> ----------------------------------------------------------
>
>                 Key: NUTCH-2812
>                 URL: https://issues.apache.org/jira/browse/NUTCH-2812
>             Project: Nutch
>          Issue Type: Sub-task
>    Affects Versions: 1.17
>            Reporter: Lewis John McGibbney
>            Assignee: Lewis John McGibbney
>            Priority: Major
>             Fix For: 1.21
>
>
> Returning a reference to a mutable object value stored in one of the object's 
> fields exposes the internal representation of the object.  If instances are 
> accessed by untrusted code, and unchecked changes to the mutable object would 
> compromise security or other important properties, you will need to do 
> something different. Returning a new copy of the object is better approach in 
> many situations.
> For example org.apache.nutch.fetcher.FetchNode.getOutlinks() may expose 
> internal representation by returning FetchNode.outlinks
> There are 11 such occurrences of this bug in the codebase. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (NUTCH-2812) Methods returning array may expose internal representation

Reply via email to