Object Model Violation: Just One of equals() and hashCode() Defined

From OWASP
Revision as of 11:42, 19 July 2006 by Weilin Zhong (Talk | contribs)

Jump to: navigation, search

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

This article includes content generously donated to OWASP by Fortify.JPG.

Abstract

This class overrides only one of equals() and hashCode().

Description

Java objects are expected to obey a number of invariants related to equality. One of these invariants is that equal objects must have equal hashcodes. In other words, if a.equals(b) == true then a.hashCode() == b.hashCode().

Failure to uphold this invariant is likely to cause trouble if objects of this class are stored in a collection. If the objects of the class in question are used as a key in a Hashtable or if they are inserted into a Map or Set, it is critical that equal objects have equal hashcodes.

Examples

The following class overrides equals() but not hashCode().

 public class halfway() {
   public boolean equals(Object obj) {
 	...
   }
 }

Related Threats

Related Attacks

Related Vulnerabilities

Related Countermeasures

Categories