[
https://issues.apache.org/jira/browse/STRATOS-873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Imesh Gunaratne updated STRATOS-873:
------------------------------------
Description:
This is to fix critical Sonar finding "Array is stored directly"
http://stackoverflow.com/questions/11580948/sonar-violation-security-array-is-stored-directly
It's complaining that the array you're storing is the same array that is held
by the caller. That is, if the caller subsequently modifies this array, the
array stored in the object (and hence the object itself) will change.
The solution is to make a copy within the object when it gets passed. This is
called defensive copying. A subsequent modification of the collection won't
affect the array stored within the object.
was:This is to fix critical Sonar finding "Array is stored directly"
> [Sonar Findings] [Critical] Array is Stored Directly
> -----------------------------------------------------
>
> Key: STRATOS-873
> URL: https://issues.apache.org/jira/browse/STRATOS-873
> Project: Stratos
> Issue Type: Improvement
> Affects Versions: 4.1.0 M1
> Reporter: Imesh Gunaratne
> Assignee: Imesh Gunaratne
> Fix For: 4.1.0 M2
>
>
> This is to fix critical Sonar finding "Array is stored directly"
> http://stackoverflow.com/questions/11580948/sonar-violation-security-array-is-stored-directly
> It's complaining that the array you're storing is the same array that is held
> by the caller. That is, if the caller subsequently modifies this array, the
> array stored in the object (and hence the object itself) will change.
> The solution is to make a copy within the object when it gets passed. This is
> called defensive copying. A subsequent modification of the collection won't
> affect the array stored within the object.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
