defensive copying

本文介绍了防御性复制的概念及其重要性,特别强调了在处理可变对象时如何避免意外修改,确保API的安全性和稳定性。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

Defensive Copying
19 comments, 0 freshness points, 270 goodness points
Submission of type Article by YoGee Jun 6, 2007 5:35:33 AM | Tags: Copying Defensive Immutable Mutable good safety thread
category: Java/LanguageAn introduction to defensive copying.

Content

Programming defensively is an essential skill to learn if you want to produce a robust API. By implementing defensive copying you can avoid unwanted and unexpected behaviour that can compromise security and confuse your API clients.

The key to understanding defensive copying is understanding the difference between a mutable and an immutable class.

An immutable class is a class whose instances cannot be modified, for example the java.lang.String class.

A mutable class is a class whose instances can be modified, for example the java.util.Date class.

Whilst immutable objects are inherently thread safe, mutable objects are not, and this is when we need to consider making defensive copies.

Take the following example:

 

 

public final class Person {

private final String name;

private final Date dateOfBirth;

public Person(final String name, final Date dateOfBirth)

{ this.dateOfBirth = dateOfBirth; this.name = name; }

public String getName() { return name; }

public Date getDateOfBirth() { return dateOfBirth; }

}

This class is immutable, right? Wrong.

Whilst it appears we cannot change the internal state of a Person Object after it has been instantiated this is actually not the case since dateOfBirth is a mutable parameter.

 

 

final Date dob = new Date(455531800421l);

final Person p = new Person("John Smith", dob);

System.out.println(p.getName() + " dob: " + p.getDateOfBirth());

dob.setTime(555531800421l); // could also get dob via p.getDateOfBirth(); here System.out.println(p.getName() + " dob: " + p.getDateOfBirth());

 

 

Result:

John Smith dob: Fri Jun 08 09:36:40 BST 1984 John Smith dob: Sun Aug 09 19:23:20 BST 1987

 

 

We have changed John Smith's DOB.

To avoid this we can defensively copy dateOfBirth: (notice we do this when we set dateOfBirth and when we expose it)

public final class Person {

private final String name;

private final Date dateOfBirth;

public Person(final String name, final Date dateOfBirth)

{ this.dateOfBirth = new Date(dateOfBirth.getTime()); this.name = name; }

public String getName() { return name; }

public Date getDateOfBirth() { return (Date) dateOfBirth.clone(); }

 }

 

 

Now it is not possible to modify the internal state of a Person Object after it has been instantiated and it is truly immutable (assuming we have an appropriate SecurityManager in place).

Defensive copying isn't just for immutable classes, whenever you are dealing with a client provided Object consider if that Object is mutable and what the side effects could be if the client modifies that Object.

资源下载链接为: https://pan.quark.cn/s/22ca96b7bd39 在当今的软件开发领域,自动化构建与发布是提升开发效率和项目质量的关键环节。Jenkins Pipeline作为一种强大的自动化工具,能够有效助力Java项目的快速构建、测试及部署。本文将详细介绍如何利用Jenkins Pipeline实现Java项目的自动化构建与发布。 Jenkins Pipeline简介 Jenkins Pipeline是运行在Jenkins上的一套工作流框架,它将原本分散在单个或多个节点上独立运行的任务串联起来,实现复杂流程的编排与可视化。它是Jenkins 2.X的核心特性之一,推动了Jenkins从持续集成(CI)向持续交付(CD)及DevOps的转变。 创建Pipeline项目 要使用Jenkins Pipeline自动化构建发布Java项目,首先需要创建Pipeline项目。具体步骤如下: 登录Jenkins,点击“新建项”,选择“Pipeline”。 输入项目名称和描述,点击“确定”。 在Pipeline脚本中定义项目字典、发版脚本和预发布脚本。 编写Pipeline脚本 Pipeline脚本是Jenkins Pipeline的核心,用于定义自动化构建和发布的流程。以下是一个简单的Pipeline脚本示例: 在上述脚本中,定义了四个阶段:Checkout、Build、Push package和Deploy/Rollback。每个阶段都可以根据实际需求进行配置和调整。 通过Jenkins Pipeline自动化构建发布Java项目,可以显著提升开发效率和项目质量。借助Pipeline,我们能够轻松实现自动化构建、测试和部署,从而提高项目的整体质量和可靠性。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值