Security - Array is stored directly - String [][]

Asked Feb 08 '13 at 16:36

Active Feb 08 '13 at 16:59

Viewed 93 times

I did not see an anwser anywhere about this specific Sonar violation in the case of an array of an array.

Sonar Violation: Security - Array is stored directly

Code with problem :

public void setData(String[][] data) {  
    if(data == null) { 
        this.data = new String[0][];
    } else { 
        String[][] dataCopy = new String[data.length][];
        System.arraycopy(data, 0, dataCopy, 0, data.length);
        this.data = dataCopy;
    }

I cannot used the following solution because of my java version :

public void setData(String[][] data) {  
    if(data == null) { 
        this.data = new String[0][0];
    } else { 
        this.data = Arrays.copyOf(data, data.length); 
    } 
}

Any suggestions to solve this issue ?

edited Feb 08 '13 at 16:43

Bimalesh Jha

1,464
9
17

asked Feb 08 '13 at 16:36

Jean Reno

6

See http://stackoverflow.com/questions/11580948/sonar-violation-security-array-is-stored-directly – igarcia Feb 08 '13 at 16:37
2

Currently, you're simply copying the original `String[]` array references into a new `String[][]`. You need to do a deep copy, i.e. also cloning those inner `String[]` before placing them into the outer `String[][]`. – Mattias Buelens Feb 08 '13 at 16:40

Security - Array is stored directly - String [][]

0 Answers0