Details
-
Sub-task
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.17
-
None
-
None
Description
Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.
For example org.apache.nutch.fetcher.FetchNode.getOutlinks() may expose internal representation by returning FetchNode.outlinks
There are 11 such occurrences of this bug in the codebase.
Attachments
Issue Links
- links to