[jira] [Updated] (KARAF-4213) Public cloneable() Method Without Final ('Object Hijack')
[
https://issues.apache.org/jira/browse/KARAF-4213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jean-Baptiste Onofré updated KARAF-4213:
Fix Version/s: (was: 4.0.8)
4.0.9
> Public cloneable() Method Without Final ('Object Hijack')
> -
>
> Key: KARAF-4213
> URL: https://issues.apache.org/jira/browse/KARAF-4213
> Project: Karaf
> Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.9
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application
> security analysis on the karaf source code.
> A class has a cloneable() method that is not declared final, which allows an
> object to be created without calling the constructor. This can cause the
> object to be in an unexpected state.
> File:
> util\src\main\java\org\apache\karaf\util\collections\CopyOnWriteArrayIdentityList.java
> Line: 247
> CopyOnWriteArrayIdentityList.java, lines 246-255:
> {code}
> 246 @Override
> 247 public Object clone() {
> 248 try {
> 249 CopyOnWriteArrayIdentityList thisClone =
> (CopyOnWriteArrayIdentityList) super.clone();
> 250 thisClone.setData(this.getData());
> 251 return thisClone;
> 252 } catch (CloneNotSupportedException e) {
> 253 throw new RuntimeException("CloneNotSupportedException is not
> expected here");
> 254 }
> 255 }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (KARAF-4213) Public cloneable() Method Without Final ('Object Hijack')
[
https://issues.apache.org/jira/browse/KARAF-4213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jean-Baptiste Onofré updated KARAF-4213:
Fix Version/s: (was: 4.0.7)
4.0.8
> Public cloneable() Method Without Final ('Object Hijack')
> -
>
> Key: KARAF-4213
> URL: https://issues.apache.org/jira/browse/KARAF-4213
> Project: Karaf
> Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.8
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application
> security analysis on the karaf source code.
> A class has a cloneable() method that is not declared final, which allows an
> object to be created without calling the constructor. This can cause the
> object to be in an unexpected state.
> File:
> util\src\main\java\org\apache\karaf\util\collections\CopyOnWriteArrayIdentityList.java
> Line: 247
> CopyOnWriteArrayIdentityList.java, lines 246-255:
> {code}
> 246 @Override
> 247 public Object clone() {
> 248 try {
> 249 CopyOnWriteArrayIdentityList thisClone =
> (CopyOnWriteArrayIdentityList) super.clone();
> 250 thisClone.setData(this.getData());
> 251 return thisClone;
> 252 } catch (CloneNotSupportedException e) {
> 253 throw new RuntimeException("CloneNotSupportedException is not
> expected here");
> 254 }
> 255 }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (KARAF-4213) Public cloneable() Method Without Final ('Object Hijack')
[
https://issues.apache.org/jira/browse/KARAF-4213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jean-Baptiste Onofré updated KARAF-4213:
Fix Version/s: (was: 4.0.6)
4.0.7
> Public cloneable() Method Without Final ('Object Hijack')
> -
>
> Key: KARAF-4213
> URL: https://issues.apache.org/jira/browse/KARAF-4213
> Project: Karaf
> Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.7
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application
> security analysis on the karaf source code.
> A class has a cloneable() method that is not declared final, which allows an
> object to be created without calling the constructor. This can cause the
> object to be in an unexpected state.
> File:
> util\src\main\java\org\apache\karaf\util\collections\CopyOnWriteArrayIdentityList.java
> Line: 247
> CopyOnWriteArrayIdentityList.java, lines 246-255:
> {code}
> 246 @Override
> 247 public Object clone() {
> 248 try {
> 249 CopyOnWriteArrayIdentityList thisClone =
> (CopyOnWriteArrayIdentityList) super.clone();
> 250 thisClone.setData(this.getData());
> 251 return thisClone;
> 252 } catch (CloneNotSupportedException e) {
> 253 throw new RuntimeException("CloneNotSupportedException is not
> expected here");
> 254 }
> 255 }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (KARAF-4213) Public cloneable() Method Without Final ('Object Hijack')
[
https://issues.apache.org/jira/browse/KARAF-4213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jean-Baptiste Onofré updated KARAF-4213:
Description:
HP Fortify SCA and SciTools Understand were used to perform an application
security analysis on the karaf source code.
A class has a cloneable() method that is not declared final, which allows an
object to be created without calling the constructor. This can cause the object
to be in an unexpected state.
File:
util\src\main\java\org\apache\karaf\util\collections\CopyOnWriteArrayIdentityList.java
Line: 247
CopyOnWriteArrayIdentityList.java, lines 246-255:
{code}
246 @Override
247 public Object clone() {
248 try {
249 CopyOnWriteArrayIdentityList thisClone =
(CopyOnWriteArrayIdentityList) super.clone();
250 thisClone.setData(this.getData());
251 return thisClone;
252 } catch (CloneNotSupportedException e) {
253 throw new RuntimeException("CloneNotSupportedException is not
expected here");
254 }
255 }
{code}
was:
HP Fortify SCA and SciTools Understand were used to perform an application
security analysis on the karaf source code.
A class has a cloneable() method that is not declared final, which allows an
object to be created without calling the constructor. This can cause the object
to be in an unexpected state.
File:
util\src\main\java\org\apache\karaf\util\collections\CopyOnWriteArrayIdentityList.java
Line: 247
CopyOnWriteArrayIdentityList.java, lines 246-255:
246 @Override
247 public Object clone() {
248 try {
249 CopyOnWriteArrayIdentityList thisClone =
(CopyOnWriteArrayIdentityList) super.clone();
250 thisClone.setData(this.getData());
251 return thisClone;
252 } catch (CloneNotSupportedException e) {
253 throw new RuntimeException("CloneNotSupportedException is not
expected here");
254 }
255 }
> Public cloneable() Method Without Final ('Object Hijack')
> -
>
> Key: KARAF-4213
> URL: https://issues.apache.org/jira/browse/KARAF-4213
> Project: Karaf
> Issue Type: Bug
>Affects Versions: 4.0.3
>Reporter: Eduardo Aguinaga
>
> HP Fortify SCA and SciTools Understand were used to perform an application
> security analysis on the karaf source code.
> A class has a cloneable() method that is not declared final, which allows an
> object to be created without calling the constructor. This can cause the
> object to be in an unexpected state.
> File:
> util\src\main\java\org\apache\karaf\util\collections\CopyOnWriteArrayIdentityList.java
> Line: 247
> CopyOnWriteArrayIdentityList.java, lines 246-255:
> {code}
> 246 @Override
> 247 public Object clone() {
> 248 try {
> 249 CopyOnWriteArrayIdentityList thisClone =
> (CopyOnWriteArrayIdentityList) super.clone();
> 250 thisClone.setData(this.getData());
> 251 return thisClone;
> 252 } catch (CloneNotSupportedException e) {
> 253 throw new RuntimeException("CloneNotSupportedException is not
> expected here");
> 254 }
> 255 }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
