On 5/15/10 11:02 AM, Felix Knecht wrote:

We do have mutable objects like Data/Arrays/Collections/... in getter
methods (e.g. [1]).

From FindBugs:
"EI: May expose internal representation by returning reference to
mutable object (EI_EXPOSE_REP)

Returning a reference to a mutable object value stored in one of the
object's fields exposes the internal representation of the object.  If
instances are accessed by untrusted code, and unchecked changes to the
mutable object would compromise security or other important properties,
you will need to do something different. Returning a new copy of the
object is better approach in many situations."

I suggest cloning such data and returning the clone instead.

WDYT?

This is not so simple. For instance, in the Value class, we return the direct internal object for performance reasons. It should be checked case by case.

If we consider that the returned value is ok even if it's not a clone, then we should add a @SuppressWarnings with a comment explaining why we are allowing such a behavior.

Otherwise, returning a clone is an option, another option being that we return an immutable object, i.e. the interned object should be immutable (but this is more work).

--
Regards,
Cordialement,
Emmanuel Lécharny
www.nextury.com
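
The options discussed in this thread, as an added example that is not part of the original messages or the project's code: a hypothetical `Entry` class (all names are assumptions) with a getter that returns the internal array directly, getters that return copies, and a getter that returns a read-only view.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.List;

public class ExposeRepDemo {

    // Hypothetical class for illustration; not taken from the project.
    static final class Entry {
        private final Date created;
        private final byte[] value;
        private final List<String> roles;

        Entry(Date created, byte[] value, List<String> roles) {
            // Copy on the way in as well, or the caller keeps a live reference.
            this.created = new Date(created.getTime());
            this.value = value.clone();
            this.roles = new ArrayList<String>(roles);
        }

        // What EI_EXPOSE_REP flags: the caller receives the field itself.
        byte[] getValueDirect() { return value; }

        // Option 1: return a copy, so writes by the caller never reach the field.
        byte[] getValue() { return value.clone(); }
        Date getCreated() { return new Date(created.getTime()); }

        // Option 2: return a read-only view; mutators throw instead of copying.
        List<String> getRoles() { return Collections.unmodifiableList(roles); }
    }

    public static void main(String[] args) {
        Entry e = new Entry(new Date(0L), new byte[] {1, 2, 3}, Arrays.asList("reader"));

        e.getValue()[0] = 7;          // modifies only the copy
        e.getCreated().setTime(42L);  // modifies only the copy
        System.out.println("after writes to copies: value[0]=" + e.getValue()[0]
                + " created=" + e.getCreated().getTime());

        try {
            e.getRoles().add("admin");
        } catch (UnsupportedOperationException ex) {
            System.out.println("read-only view rejected add(); roles=" + e.getRoles());
        }

        e.getValueDirect()[0] = 99;   // writes straight into the private field
        System.out.println("after write through direct getter: value[0]=" + e.getValue()[0]);
    }
}
```

The copying getters allocate on every call, which is the cost to weigh case by case against a direct return.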

