Sonar Violation: Security - Array is stored directly
Means: Constructors and methods receiving arrays should clone objects and store the copy. This prevents future changes from the user (caller/client) affect the internal functionality.
Means: Constructors and methods receiving arrays should clone objects and store the copy. This prevents future changes from the user (caller/client) affect the internal functionality.
public void setMyArray(String[] myArray) {
this.myArray = myArray;
}
Solution:
public void setMyArray(String[] newMyArray) {
if(newMyArray == null) {
this.myArray = new String[0];
} else {
this.myArray = Arrays.copyOf(newMyArray, newMyArray.length);
}
}
This is a good post. I believe this case is working well because of String (which of course is an inmutable class).
ReplyDeleteIf you are using own created objects, than a better soultion will be a deep copy of the objects.