60 lines
927 B
Plaintext
60 lines
927 B
Plaintext
When a method doesn't match it's ``++super++`` method in visibility (``++public++``, ``++protected++``, ...), malicious callers could take advantage of the over-broad access offered by the child class to undermine the application.
|
|
|
|
|
|
== Noncompliant Code Example
|
|
|
|
----
|
|
public class Parent {
|
|
|
|
protected void foo() {
|
|
//...
|
|
}
|
|
}
|
|
|
|
public class Child extends Parent {
|
|
|
|
public void foo() { // Noncompliant
|
|
// ...
|
|
super.foo();
|
|
}
|
|
}
|
|
----
|
|
|
|
|
|
== Compliant Solution
|
|
|
|
----
|
|
public class Parent {
|
|
|
|
protected void foo() {
|
|
//...
|
|
}
|
|
}
|
|
|
|
public class Child extends Parent {
|
|
|
|
protected void foo() {
|
|
// ...
|
|
super.foo();
|
|
}
|
|
}
|
|
----
|
|
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::message.adoc[]
|
|
|
|
include::highlighting.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|