java安全編碼指南之:Mutability可變性

原創 程序那些事 2020-09-03 21:04
{"type":"doc","content":[{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"簡介"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"mutable(可變)和immutable(不可變)對象是我們在java程序編寫的過程中經常會使用到的。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"可變類型對象就是說,對象在創建之後,其內部的數據可能會被修改。所以它的安全性沒有保證。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"而不可變類型對象就是說,對象一旦創建之後,其內部的數據就不能夠被修改,我們可以完全相信這個對象。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"雖然mutable對象安全性不夠,但是因爲其可以被修改,所以會有效的減少對該對象的拷貝。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"而immutable對象因爲不可改變,所以嘗試對該對象的修改都會導致對象的拷貝,從而生成新的對象。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"我們最常使用的String就是一個immutable對象。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"那麼可變性在java的安全編碼中的最佳實踐是怎麼樣的呢? 一起來看看吧。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"可變對象和不可變對象"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"知道了可變對象和不可變對象的不同之處之後,我們看一下怎麼才能判斷這個對象是可變對象還是不可變對象呢?"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"首先,最簡單的一點就是,不可變對象創建之後就不能夠被修改,所以不可變對象裏面基本上沒有setXXX之類的方法,而可變對象提供了setXXX這些可以修改內部變量狀態的方法。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"看一個例子java.util.Date是一個可變對象,而java.time.LocalTime是不可變對象。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"看下他們的方法定義有什麼區別呢?"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/1c/1c27848450887fc18944c56e795cd3b5.png","alt":"","title":null,"style":null,"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"首先是Date,我們可以看到在其中定義了很多setXXX方法。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/a6/a6084fa54b278ae4f36082b2749ead14.png","alt":"","title":null,"style":null,"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"而在LocalTime中,我們基本上看不到setXXX方法。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"同時不可變對象的字段基本上都是final的,防止被二次修改。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第二,不可變對象一般來說是不可繼承的,在java中就是以final關鍵字做限定的:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"public class Date\npublic final class LocalTime\n"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第三,不可變對象一般會隱藏構造函數,而是使用類似工廠模式的方法來創建對象,這樣爲實例的創建提供了更多的機動性。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"創建mutable對象的拷貝"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"那麼如果我們想使用mutable對象,又不想被別人修改怎麼辦呢?"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"簡單的辦法就是拷貝一份要使用的對象:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"public class CopyOutput {\n private final java.util.Date date;\n ...\n public java.util.Date getDate() {\n return (java.util.Date)date.clone();\n }\n }\n"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這裏大家還要注意深拷貝和淺拷貝的問題。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"爲mutable類創建copy方法"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"既然要爲mutable對象創建拷貝,那麼相應的mutable類也需要提供一個copy方法來協助拷貝。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這裏需要考慮一個深拷貝和淺拷貝的問題。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"不要相信equals"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"我們知道在HashMap中怎麼去查找一個key呢?先去找這個key的hash值,然後去判斷key.equals方法是否相等,考慮下面這種情況:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"private final Map extras = new HashMap<>();\n\n public void op(Window window) {\n Extra extra = extras.get(window);\n }\n"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"op方法接收一個Window對象,然後將其當成key從HashMap中取出對應的value。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果,這個時候,我們有一個類A繼承了Window,並且hash值和equals都和另外一個Window對象B相同,那麼使用A這個key可以獲取到B這個key存儲的數據!"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"怎麼解決這個問題呢?"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Java中有一個特別的HashMap:IdentityHashMap,這個Map的key和value比較是用==而不是equals方法,所以可以有效的避免上面出現的問題。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"private final Map extras = new IdentityHashMap<>();\n\n public void op(Window window) {\n Extra extra = extras.get(window);\n }\n"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果沒有這樣的Map可用,那麼可以使用不可變對象作爲key或者使用Window的私有變量,從而惡意攻擊者無法獲得這個變量。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"public class Window {\n /* pp */ \n class PrivateKey {\n Window getWindow() {\n return Window.this;\n }\n }\n final PrivateKey privateKey = new PrivateKey();\n\n private final Map extras =\n new WeakHashMap<>();\n ...\n }\n\n public class WindowOps {\n public void op(Window window) {\n // Window.equals may be overridden,\n // but safe as we don't use it.\n Extra extra = extras.get(window.privateKey);\n ...\n }\n }\n"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"不要直接暴露可修改的屬性"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果一個可變類中的某個屬性確實需要暴露被外部使用,那麼一定要將這個屬性定義爲private,並且使用wrapper方法將其包裝起來。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果直接暴露出去,那麼基本上就沒有權限控制可言,任何程序只要能夠拿到你這個對象,就可以對屬性進行修改。考慮下下面的應用方式,我們在修改state的方法中加入了一個參數校驗和權限控制。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"public final class WrappedState {\n // private immutable object\n private String state;\n\n // wrapper method\n public String getState() {\n return state;\n }\n\n // wrapper method\n public void setState(final String newState) {\n this.state = requireValidation(newState);\n }\n\n private static String requireValidation(final String state) {\n if (...) {\n throw new IllegalArgumentException(\"...\");\n }\n return state;\n }\n }\n"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"public static fields應該被置位final"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"同樣的,如果你是一個類變量,當然不希望這個變量會被任何人修改,那麼需要將其置位final。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"public class Files {\n public static final String separator = \"/\";\n public static final String pathSeparator = \":\";\n }\n"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":1},"content":[{"type":"text","text":"public static final field 應該是不可變的"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果類變量是public static final的,那麼這個變量一定要是不可變的。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"有人會問了,都定義成了final了,是不是就已經不可變了?"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"其實不然,比如我們定義了一個final的List,雖然這個list不能變化,但是list裏面的值是可以變化的。我們需要將可變變量修改爲不可變變量,如下所示:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"import static java.util.Arrays.asList;\n import static java.util.Collections.unmodifiableList;\n ...\n public static final List names = unmodifiableList(asList(\n \"Fred\", \"Jim\", \"Sheila\"\n ));\n"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果使用JDK9中引入的of()或者ofEntries()方法,可以直接創建不可修改的集合:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"public static final List\n names =\n List.of(\"Fred\", \"Jim\", \"Sheila\");\n"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"italic"}],"text":"本文已收錄於 "},{"type":"link","attrs":{"href":"http://www.flydean.com/java-security-code-line-mutability/","title":null},"content":[{"type":"text","text":"http://www.flydean.com/java-security-code-line-mutability/"}],"marks":[{"type":"italic"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"italic"}],"text":"最通俗的解讀,最深刻的乾貨,最簡潔的教程,衆多你不知道的小技巧等你來發現!"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"italic"}],"text":"歡迎關注我的公衆號:「程序那些事」,懂技術,更懂你!"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

mybatis開啓MapperScannerConfigurer導致properties不生效

背景 spring和mybatis集成過程中,我們可以通過MapperFactoryBean的方式配置Mapper接口。但是這樣需要在配置文件中,爲每個mapper配置相同的代碼塊,浪費時間。關鍵對於代碼潔癖的人來說,一點不能忍。 <bea

原創 2024-02-07 13:55:41

Java字符串的一些理解

爲什麼要研究字符串? 人機交互的過程中,文字、數字、字母、符號都是字符表現形式,這部分內容佔了人機信息交互的大部分內容,所以有必要明確一些基本問題。因此大部分數據類型都應該有字符串表達形式,我們在定義新類型的時候可以根據需要來定義新類型的

原創 2023-10-31 09:11:32

(二)java版spring boot 社交電子商務平臺-security簡單使用

security的簡單原理: 使用衆多的攔截器對url攔截,以此來管理權限。但是這麼多攔截器,不可能對其一一來講,主要講裏面核心流程的兩個。 首先,權限管理離不開登陸驗證的,所以登陸驗證攔截器AuthenticationProcessing

原創 2023-10-10 11:05:06

(三)java版spring cloud+spring boot+redis多租戶社交電子商務平臺-Spring Cloud實戰隨機端口

我們經常會需要啓動多個實例的情況來測試註冊中心、配置中心等基礎設施的高可用,也會用來測試客戶端負載均衡的調用等。但是,我們一個應用只能有一個端口號,這就使得在本機測試的時候,不得不爲同一個服務設置不同的端口來進行啓動。 在本地用不同端口啓動

原創 2023-10-10 11:05:04

如何使用 Java 反射?反射的用法及案例

簡介     Java Reflection,稱爲 Java 反射,是Java基礎部分的一個比較難的點。Reflection(反射)是被視爲動態語言的關鍵,通過反射機制,我們可以在運行時(runtime)獲取類的完整結構。例如,可以獲取到

原創 2023-10-10 02:23:57

最新美團面試集合(一面+二面+三面+重點技術面試題)附面試解析

一面 1. 簡短自我介紹 2. 事務的ACID,其中把事務的隔離性詳細解釋一遍 3. 髒讀、幻影讀、不可重複讀 4. 紅黑樹、二叉樹的算法 5. 平常用到哪些集合類?ArrayList和LinkedList區別?HashMap內部數據結構

原創 2023-10-10 01:43:49

Java程序員不想被裁員困擾,應該怎樣築基、發展才能越走越遠?

  當我們站在技術之路的原點,未來可能充滿了迷茫,也存在着很多不同的可能。在這個知識爆炸與終身學習/碎片化學習爲主的時代,我們面臨的問題之一就是如何進行有效學習,不僅能有效平衡廣度與深度,並且能真正的積澱下來,提升自己的研發效能。於筆者而

原創 2023-10-10 01:43:34

阿里巴巴Java開發手冊 梳理筆記 - finally 塊必須對資源對象、流對象進行關閉

阿里巴巴Java開發手冊 梳理筆記 - finally 塊必須對資源對象、流對象進行關閉 規約內容: 2.1 異常處理 6. 【強制】 finally 塊必須對資源對象、流對象進行關閉,有異常也要做 try - catch 。 說明:如果

原創 2023-08-02 10:29:06

java併發-CAS的理解

在Java方面,能夠實現多線程安全修改對象值得方法只有2個 1.原子操作 2.互斥方法 而在Java當中,或是其他語言中,基本上也都是使用CAS實現。CAS是比較並交換的意思,這個操作包含2個連續的操作,比較,還有賦值,因爲2個操作在cpu

原創 2023-05-29 01:40:21

java併發-Timer類的使用和原理

單線程輪詢並執行任務,有可能會導致飢餓。比較適合於一些具有一個任務的週期調度。 任務列表用數組存儲,元素最前面的元素是最先被執行的任務。 schedule方法是固定間隔執行,根據上一次執行的結束時間來定義間隔的開始時間 scheduleAt

原創 2023-03-28 01:52:22

java併發-ReadWriteLock代碼理解

創建的ReadWriteLock需要使用兩個方法來繼續創造2個對象,分別是ReadLock和WriteLock。 這兩個鎖對象的方法調用都會匯聚到ReadWriteLock的Sync類中。多個對象的方法調用匯聚到一個對象上面,這個設計模式是

原創 2023-03-28 01:52:20

java併發-synchronized關鍵字

synchronized關鍵字可以修飾普通方法,靜態方法,當修飾普通方法,鎖對象是當前對象,當修飾靜態方法,鎖對象是當前類的class synchroinzed關鍵字可以使用同步代碼塊實現同步,此時可以指定鎖對象。 同步方法的實現方式 同步

原創 2023-03-28 01:52:18

java併發-AQS總結-原理

AQS是Java多線程編程的重入鎖,管程,工具類的基礎類,是必須要掌握的。不掌握這個類,根本不能稱之爲合格的Java程序員。 即使是把這個類所有的代碼都背會,也是值得的。 如何標識已經有線程在執行呢? 有兩個變量,一個state變量,一個e

原創 2023-03-28 01:52:16

java併發-緩存一致性協議和內存屏障的思考和理解

################這是之前的思考 內存屏障只是保證清空流水線,如何保證高速緩存的內容更新到最新或刷新到主存呢?這個問題突然想到了,不知道這個需要怎回答。 內存屏障保證的CPU執行執行序列能夠順序執行,而不是亂序執行。當然,前提

原創 2023-03-28 01:52:14

Java併發-volidate關鍵字

使用volidate關鍵字修飾的成員變量,保證可見性,也就是當一個線程修改這樣的成員變量後,其他的線程能夠立即看到這次的修改。有兩個方面的原因: 1.編譯器不優化對這樣的關鍵字修飾變量的一些訪問操作 2.對讀,寫這個關鍵字修飾的變量前後,會

原創 2023-03-28 01:52:13