Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Failing to limit field accessibility can defeat encapsulation, allow attackers to manipulate fields to violate class invariants, or allow these fields to be corrupted as the result of concurrent accesses from multiple threads.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

OBJ01-J

Medium

Likely

Medium

P12

L1

Automated Detection

Detection of public and protected fields is trivial; heuristic detection of the presence or absence of accessor methods is straightforward. However, simply reporting all detected cases without suppressing those cases covered by the exceptions to this rule would produce excessive false positives. Sound detection and application of the exceptions to this rule is infeasible; however, heuristic techniques may be useful.

ToolVersionCheckerDescription
SonarQube
Include Page
SonarQube_V
SonarQube_V
S2386

Mutable fields should not be "public static"

Implemented for public static

 array

array,

 

Collection,

 

Date,

and 

and awt.Point

 members

members.

 


Related Guidelines

SEI CERT C++ Coding Standard

VOID OOP00-CPP. Declare data members private

MITRE CWE

CWE-766, Critical Variable Declared Public

Secure Coding Guidelines for Java SE, Version 5.0

Guideline 6-8 / MUTABLE-8: Define wrapper methods around modifiable internal state

Bibliography

[Bloch 2008]

Item 13, "Minimize the Accessibility of Classes and Members"
Item 14, "In Public Classes, Use Accessor Methods, Not Public Fields"

[Conventions 2009]
 

[Core Java 2004]

Chapter 6, "Interfaces and Inner Classes"

[JLS 2015]

§4.12.4, "final Variables"
§6.6, "Access Control"

[Long 2005]

Section 2.2, "Public Fields"

[Mettler 2010]

Class Properties for Security Review in an Object-Capability Subset of Java

 


...