...
Modifying a superclass without considering the effect on subclasses can introduce vulnerabilities. Subclasses that are developed with an incorrect understanding of the superclass implementation can be subject to erratic behavior, resulting in inconsistent data state and mismanaged control flow. Also, if the superclass implementation changes then the subclass may need to be redesigned to take into account these changes.
Rule | Severity | Likelihood |
|---|
Detectable | Repairable | Priority | Level |
|---|---|---|---|
OBJ02-J | Medium | Probable |
No | No | P4 | L3 |
Automated Detection
Sound automated detection is not currently feasible.
...
The Provider class inherits the put() and remove() methods from Hashtable and adds security manager checks to each. These checks ensure that malicious code cannot add or remove the mappings. When entrySet() was introduced, it became possible for untrusted code to remove the mappings from the Hashtable because Provider failed to override this method to provide the necessary security manager check [SCG 2009]. This situation is commonly known as the fragile class hierarchy problem.
Related Guidelines
Guideline 4-6 / EXTEND-6: Understand how a superclass can affect subclass behavior |
Bibliography
[API 2014] | |
Item 16, "Favor Composition over Inheritance" | |
Design Patterns: Elements of Reusable Object-Oriented Software (p. 20) | |
"Using Prototypical Objects to Implement Shared Behavior in Object-Oriented Systems" |
...
...