CWE-581 对象模型违背:仅定义了一个等式与散列码
Object Model Violation: Just One of Equals and Hashcode Defined
结构: Simple
Abstraction: Base
状态: Draft
被利用可能性: unkown
基本描述
The software does not maintain equal hashcodes for equal objects.
扩展描述
Java objects are expected to obey a number of invariants related to equality. One of these invariants is that equal objects must have equal hashcodes. In other words, if a.equals(b) == true then a.hashCode() == b.hashCode().
相关缺陷
-
cwe_Nature: ChildOf cwe_CWE_ID: 573 cwe_View_ID: 1000 cwe_Ordinal: Primary
-
cwe_Nature: ChildOf cwe_CWE_ID: 697 cwe_View_ID: 1000
-
cwe_Nature: ChildOf cwe_CWE_ID: 573 cwe_View_ID: 699 cwe_Ordinal: Primary
适用平台
Language: {'cwe_Name': 'Java', 'cwe_Prevalence': 'Undetermined'}
常见的影响
| 范围 | 影响 | 注释 |
|---|---|---|
| ['Integrity', 'Other'] | Other | If this invariant is not upheld, it is likely to cause trouble if objects of this class are stored in a collection. If the objects of the class in question are used as a key in a Hashtable or if they are inserted into a Map or Set, it is critical that equal objects have equal hashcodes. |
可能的缓解方案
Implementation
策略:
Both Equals() and Hashcode() should be defined.
分类映射
| 映射的分类名 | ImNode ID | Fit | Mapped Node Name |
|---|---|---|---|
| The CERT Oracle Secure Coding Standard for Java (2011) | MET09-J | Classes that define an equals() method must also define a hashCode() method |
文章来源于互联网:scap中文网
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论