Comment: Migrated to Confluence 4.0

...

import java.util.HashMap;
import java.util.Map;

class BadOverloading extends HashMap<Integer, Integer> {
  HashMap<Integer, Integer> hm;
  public BadOverloading() {
    hm = new HashMap<Integer, Integer>();
    hm.put(1, 111990000); hm.put(2, 222990000); hm.put(3, 333990000);  // ssn records
  }
  public Integer getData(int i) { // Overloading sequence #1
    return hm.get(i); // get record at position 'i'
  }
  public String getData(Integer i) { // Overloading sequence #2
    String s = get(i).toString(); // get a particular record
    return (s.substring(0, 3) + "-" + s.substring(3, 5) + "-" + s.substring(5, 9));
  }
  @Override public Integer get(Object data) {  // Checks whether the ssn exists
    // SecurityManagerCheck()

    for (Map.Entry<Integer, Integer> entry : hm.entrySet()) {
      if(entry.getValue().compareTo((Integer)data) == 0)
        return entry.getValue();  // Exists 
    }
    return null;
  }
  public static void main(String[] args) {
    BadOverloading bo = new BadOverloading();
    System.out.println(bo.getData(3)); // Get record at index '3'
    System.out.println(bo.getData((Integer)111990000)); // Get record containing data '111990000'
  }
}

Although the client programmer might eventually deduce such behavior, other cases, such as with the List interface, may go unnoticed, as Bloch [Bloch 2008] describes:

The List<E> interface has two overloadings of the remove method: remove(E) and remove(int). Prior to release 1.5 when it was "generified," the List interface had a remove(Object) method in place of remove(E), and the corresponding parameter types, Object and int, were radically different. But in the presence of generics and autoboxing, the two parameter types are no longer radically different.
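
The overload selection Bloch describes, shown on a List<Integer> of account IDs. This is an added example, not part of the original guideline; the class name, method names and ID values are hypothetical and constructed for illustration.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

// Added example: names and data are hypothetical and constructed for illustration.
public class ListRemoveOverloading {

  // Constructed sample: account IDs currently on a deny list.
  static List<Integer> sampleIds() {
    return new ArrayList<>(Arrays.asList(2, 0, 1));
  }

  // An int argument resolves to List.remove(int index): the element at
  // position 'id' is removed, not the element equal to 'id'.
  static List<Integer> removeWithInt(List<Integer> ids, int id) {
    ids.remove(id);
    return ids;
  }

  // An Integer argument resolves to List.remove(Object): the first element
  // equal to 'id' is removed; an absent value leaves the list unchanged.
  static List<Integer> removeWithInteger(List<Integer> ids, int id) {
    ids.remove(Integer.valueOf(id));
    return ids;
  }

  public static void main(String[] args) {
    System.out.println("start:             " + sampleIds());
    System.out.println("remove(int 0):     " + removeWithInt(sampleIds(), 0));
    System.out.println("remove(Integer 0): " + removeWithInteger(sampleIds(), 0));

    // A value that is not a valid index surfaces the mix-up as an exception.
    try {
      removeWithInt(sampleIds(), 7);
    } catch (IndexOutOfBoundsException e) {
      System.out.println("remove(int 7):     " + e.getClass().getSimpleName());
    }
    System.out.println("remove(Integer 7): " + removeWithInteger(sampleIds(), 7));
  }
}
```

When the value happens to be a valid index, the wrong entry is removed silently, which is the case that goes unnoticed.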

...

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

Bibliography

...

[API 2006] Interface Collection (http://java.sun.com/j2se/1.4.2/docs/api/java/util/Collection.html)
[Bloch 2008] Item 41: Use overloading judiciously

...
