...
In this noncompliant example, the class PublicClass is declared public. The member function getPoint as well as the (x, y) coordinates are also declared public. This gives world-access to the class members. A real world vulnerability, for example, can arise when a malicious applet attempts to access the credit card field of another object that is declared public. Note that a non-public class is also vulnerable if its members are declared public (a violation of OBJ00-J. Declare data members private).
| Code Block | ||
|---|---|---|
| ||
public class PublicClass {
public int x;
public int y;
public void getPoint() {
System.out.println("(" + x + "," + y + ")");
}
}
|
...