                  Sonar Violation: Security - Array is stored directly

                  Problem description

                  There is a Sonar violation:

                  Sonar Violation: Security - Array is stored directly

                  public void setMyArray(String[] myArray) { 
                    this.myArray = myArray; 
                  } 
                  

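                  Solution:

                  // requires: import java.util.Arrays;
                  public void setMyArray(String[] newMyArray) {
                    if (newMyArray == null) {
                      // store an empty array rather than null
                      this.myArray = new String[0];
                    } else {
                      // keep a private copy, not the caller's array
                      this.myArray = Arrays.copyOf(newMyArray, newMyArray.length);
                    }
                  }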
                  

                  But I would like to know why?

                  Recommended answer

                  It's complaining that the array you're storing is the same array that is held by the caller. That is, if the caller subsequently modifies this array, the array stored in the object (and hence the object itself) will change.

                  The solution is to make a copy within the object when it gets passed. This is called defensive copying. A subsequent modification of the collection won't affect the array stored within the object.

                  It's also good practice to normally do this when returning a collection (e.g. in a corresponding getMyArray() call). Otherwise the receiver could perform a modification and affect the stored instance.

                  Note that this obviously applies to all mutable collections (and in fact all mutable objects) - not just arrays. Note also that this has a performance impact which needs to be assessed alongside other concerns.
