Public cloneable() Method Without Final ('Object Hijack')

Status: Draft
Abstraction: Variant
Structure: Simple

Description

A class has a cloneable() method that is not declared final, which allows an object to be created without calling the constructor. This can cause the object to be in an unexpected state.

Common Consequences
Scope: Integrity; Other

Impact: Unexpected State; Varies by Context

Potential Mitigations
Phase: Implementation
Make the cloneable() method final.
Demonstrative Examples
In this example, a public class "BankAccount" implements the cloneable() method which declares "Object clone(string accountnumber)":

Code Example (Bad, Java):

In the example below, a clone() method is defined without being declared final.

Code Example (Bad, Java):
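The following is an added example, not the CWE entry's own sample code; the class and field names are constructed. It shows the weak form (a public, non-final clone()), a subclass that overrides it so that a caller's "copy" is really an alias, and the hardened form with clone() declared final:

```java
// Added example (not the CWE entry's own sample); class and field names are constructed.
public class ObjectHijackDemo {

    // Weak form: clone() is public but not final, so any subclass may replace it.
    static class BankAccount implements Cloneable {
        protected long balanceCents;

        BankAccount(long balanceCents) {
            // The constructor is the only place this invariant is checked.
            if (balanceCents < 0) throw new IllegalArgumentException("negative balance");
            this.balanceCents = balanceCents;
        }

        long balance() { return balanceCents; }

        @Override
        public Object clone() throws CloneNotSupportedException {
            return super.clone(); // field-by-field copy; the constructor never runs
        }
    }

    // A subclass overrides clone() to hand back an alias instead of a copy, so a
    // caller that used clone() as a defensive copy now shares state with the original.
    static class AliasingAccount extends BankAccount {
        AliasingAccount(long balanceCents) { super(balanceCents); }
        @Override
        public Object clone() { return this; }
    }

    // Hardened form: a final clone() cannot be overridden (an override in a subclass
    // is a compile-time error), so callers always receive a genuine copy.
    static class SafeAccount implements Cloneable {
        private long balanceCents;
        SafeAccount(long balanceCents) {
            if (balanceCents < 0) throw new IllegalArgumentException("negative balance");
            this.balanceCents = balanceCents;
        }

        @Override
        public final Object clone() throws CloneNotSupportedException { return super.clone(); }
    }

    public static void main(String[] args) throws CloneNotSupportedException {
        AliasingAccount original = new AliasingAccount(100);
        BankAccount snapshot = (BankAccount) original.clone(); // believed to be a private copy
        original.balanceCents = -500; // a later mutation leaks into the "copy"
        System.out.println(snapshot.balance()); // -500, a state the constructor forbids
    }
}
```

Code reviews and static analysis rules for this weakness should flag any public clone() on a non-final class; declaring the method final (or the class final) removes the override point entirely.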
References
[REF-6] Katrina Tsipenyuk, Brian Chess and Gary McGraw. "Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors". NIST Workshop on Software Security Assurance Tools, Techniques and Metrics, NIST, 2005-11-07.
[REF-453] OWASP. "Attack Category: Mobile code: object hijack".
Applicable Platforms
Languages:
Java: Undetermined
Modes of Introduction
Implementation
Taxonomy Mapping
  • 7 Pernicious Kingdoms
  • The CERT Oracle Secure Coding Standard for Java (2011)
  • Software Fault Patterns