Versions Compared

Buffer classes defined in the java.nio package, such as IntBuffer, CharBuffer, and ByteBuffer, define a variety of wrap() methods that wrap an array of the corresponding primitive data type into a buffer and return the buffer as a Buffer object. Although these methods create a new Buffer object, the new Buffer is backed by the same input array that was passed in. According to the Java API for these methods [API 2006],

...

Exposing these buffers to untrusted code exposes the backing array to malicious modification. Likewise, the duplicate() methods create additional buffers that are backed by the original buffer's backing array; exposing such additional buffers to untrusted code affords the same opportunity for malicious modification of the contents of the original buffer's backing store.

Noncompliant Code Example (wrap())

...

import java.nio.CharBuffer;

final class Wrap {
  private char[] dataArray;

  public Wrap() {
    dataArray = new char[10];
    // Initialize
  }

  // Noncompliant: the returned buffer is backed by dataArray, so a caller
  // that writes through the buffer modifies this object's private state.
  public CharBuffer getBufferCopy() {
    return CharBuffer.wrap(dataArray);
  }
}

...

import java.nio.CharBuffer;

final class Wrap {
  private char[] dataArray;

  public Wrap() {
    dataArray = new char[10];
    // Initialize
  }

  // Compliant: the read-only view still shares dataArray, but any attempt
  // to write through it throws ReadOnlyBufferException.
  public CharBuffer getBufferCopy() {
    return CharBuffer.wrap(dataArray).asReadOnlyBuffer();
  }
}

...

import java.nio.CharBuffer;

final class Wrap {
  private char[] dataArray;

  public Wrap() {
    dataArray = new char[10];
    // Initialize
  }

  // Compliant: the returned buffer has its own backing array, so writes
  // through it never reach dataArray. Note that put() leaves the position
  // at the end of the buffer; callers must flip() or rewind() before reading.
  public CharBuffer getBufferCopy() {
    CharBuffer cb = CharBuffer.allocate(dataArray.length);
    cb.put(dataArray);
    return cb;
  }
}

...

This noncompliant code example invokes the duplicate() method to create and return a copy of the CharBuffer. As stated in the contract for the duplicate() method, the returned buffer is backed by the same array as the original buffer. Consequently, if a caller were to modify the elements of the backing array, these modifications would also affect the original buffer.
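The following program is an added demonstration, not part of the CERT rule text, that exercises both cases discussed above (wrap() and duplicate()) against the two compliant variants. The class and method names and the sample array contents are this example's own.

```java
import java.nio.CharBuffer;
import java.nio.ReadOnlyBufferException;

// Added demonstration, not CERT's code. It shows that buffers obtained from
// wrap() and duplicate() alias the private array, while a read-only view
// rejects writes and a defensive copy absorbs them.
public final class BufferAliasingDemo {
  private final char[] dataArray = "secret".toCharArray(); // constructed sample

  public CharBuffer wrapped() {                 // noncompliant: shares dataArray
    return CharBuffer.wrap(dataArray);
  }

  public CharBuffer readOnlyView() {            // compliant: writes are rejected
    return CharBuffer.wrap(dataArray).asReadOnlyBuffer();
  }

  public CharBuffer copy() {                    // compliant: independent storage
    CharBuffer cb = CharBuffer.allocate(dataArray.length);
    cb.put(dataArray);
    cb.flip();                                  // make the copy readable from index 0
    return cb;
  }

  public String data() {
    return new String(dataArray);
  }

  public static void main(String[] args) {
    BufferAliasingDemo d = new BufferAliasingDemo();

    d.wrapped().put(0, 'X');                    // write through a wrap() buffer
    System.out.println("after wrap().put:      " + d.data());

    d.wrapped().duplicate().put(1, 'Y');        // write through a duplicate()
    System.out.println("after duplicate().put: " + d.data());

    try {
      d.readOnlyView().put(0, 'Z');             // rejected by the read-only view
    } catch (ReadOnlyBufferException e) {
      System.out.println("read-only view:        " + d.data());
    }

    CharBuffer c = d.copy();
    c.put(0, 'Z');                              // lands in the copy only
    System.out.println("after copy().put:      " + d.data());
    System.out.println("copy itself:           " + c);
  }
}
```

The first two prints show the private array changing through buffers the class handed out; the last two show it unchanged once a read-only view or a copy is returned instead.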

...

[API 2006] class CharBuffer

[Hitchens 2002] 2.3 Duplicating Buffers

...