SECURITY.CLONE
Make your classes uncloneable
Description
This rule flags cloneable classes.
Java's object cloning mechanism lets you make exact duplicates of objects that have already been instantiated in a running program. This can let an attacker manufacture new instances of classes you define without executing any of your constructors, so any check or bookkeeping a constructor performs is bypassed. Even if your class does not implement java.lang.Cloneable, the attacker can define a subclass of your class and make the subclass implement java.lang.Cloneable; the protected clone method inherited from java.lang.Object then succeeds on instances of that subclass. This lets the attacker make new instances of your class by copying existing objects field by field. This is often an unacceptable way to make a new object.
Repair
If your class should not be cloneable, define a clone method, make it final, and have it throw java.lang.CloneNotSupportedException. A subclass can still declare that it implements Cloneable, but it can no longer override clone, and every call to clone fails. If your class must be cloneable, still define a final clone method so that a subclass cannot replace it. If you're relying on a non-final clone method in one of your super classes, override the method and make it final, or make your entire class final so that it cannot be subclassed at all.
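The following is an added example, not code from the rule text or from the cited paper. The class names Ticket, ForgedTicket, SafeTicket and ForgedSafeTicket are hypothetical. It shows the attack from the description (a subclass that implements Cloneable obtains a copy of a non-Cloneable class without running its constructor) next to the repair (a final clone method that throws CloneNotSupportedException):

```java
import java.util.ArrayList;
import java.util.List;

// Added example: hypothetical classes demonstrating the SECURITY.CLONE rule.
public class CloneDemo {

    // Every instance is supposed to come from the constructor, which hands out
    // a unique id and records the object in an audit registry. The class does
    // NOT implement Cloneable, and the author may assume that makes it safe.
    static class Ticket {
        static final List<Ticket> ISSUED = new ArrayList<>();
        private static int nextId = 1;
        final int id;

        Ticket() {
            id = nextId++;
            ISSUED.add(this);
        }
    }

    // Attacker-defined subclass. Object.clone() is inherited by every class,
    // and it works as soon as the runtime class implements Cloneable. It copies
    // the fields one by one; no Ticket constructor runs, so the copy keeps the
    // original's id and is never added to the registry.
    static class ForgedTicket extends Ticket implements Cloneable {
        @Override
        public ForgedTicket clone() {
            try {
                return (ForgedTicket) super.clone();
            } catch (CloneNotSupportedException e) {
                throw new AssertionError("unreachable: class implements Cloneable", e);
            }
        }
    }

    // Repaired version: clone() is final, so no subclass can override it, and
    // it refuses every cloning attempt regardless of Cloneable.
    static class SafeTicket {
        static final List<SafeTicket> ISSUED = new ArrayList<>();
        private static int nextId = 1;
        final int id;

        SafeTicket() {
            id = nextId++;
            ISSUED.add(this);
        }

        @Override
        protected final Object clone() throws CloneNotSupportedException {
            throw new CloneNotSupportedException();
        }
    }

    // The attacker can still write "implements Cloneable", but declaring a
    // clone() here is a compile error (overridden method is final), and
    // super.clone() now throws instead of copying.
    static class ForgedSafeTicket extends SafeTicket implements Cloneable {
        Object attemptCopy() throws CloneNotSupportedException {
            return super.clone();
        }
    }

    public static void main(String[] args) {
        ForgedTicket original = new ForgedTicket(); // constructor runs: id 1, registered
        ForgedTicket forged = original.clone();     // no constructor: same id, unregistered
        System.out.println("forged id = " + forged.id
                + ", same as original? " + (forged.id == original.id));
        System.out.println("registered tickets = " + Ticket.ISSUED.size());
        System.out.println("forged copy in registry? " + Ticket.ISSUED.contains(forged));

        ForgedSafeTicket safe = new ForgedSafeTicket();
        try {
            safe.attemptCopy();
            System.out.println("BUG: SafeTicket was cloned");
        } catch (CloneNotSupportedException e) {
            System.out.println("SafeTicket clone refused: " + e);
        }
    }
}
```

Compile and run with `javac CloneDemo.java && java CloneDemo`. The first half prints a forged ticket that shares id 1 with the original while the registry still holds one entry; the second half shows the same subclass trick failing against SafeTicket with a CloneNotSupportedException. Making Ticket itself final would also close the hole, since the attacker could then not subclass it at all.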
Reference
Viega, J., McGraw, G., Mutdosch, T., Felten, E. W. "Statically Scanning Java Code: Finding Security Vulnerabilities." IEEE Software, vol. 17, no. 5, September/October 2000.