Malicious code vulnerability - May expose internal representation by returning reference to mutable object

Hi Everyone,

Normally this kind of violation appears when a getter or setter works directly with a mutable object.

Ideally you should not return a mutable object directly; instead, return a clone of that mutable object.

If you see this violation in your code, you can use the code below for your mutable object:

If you are using Date :

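import java.util.Date;

public class DateTest {
    private Date date;

    public DateTest() {
    }

    // Return a copy so the caller cannot modify the internal Date.
    public Date getDate() {
        return date == null ? null : (Date) date.clone();
    }

    // Store a copy so later changes to the caller's Date do not reach this object.
    public void setDate(Date date) {
        this.date = date == null ? null : (Date) date.clone();
    }
}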

If you are using Array:

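public String[] getChkBox() {
    // Return a copy of the array so the caller cannot replace its elements.
    return chkBox == null ? null : (String[]) chkBox.clone();
}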
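
To show what the violation guards against, this added example (not from the original post; the class and field names are hypothetical) puts a leaky class beside a hardened one. It goes slightly beyond the post by copying with the `Date` copy constructor, because `Date` is not final and `clone()` on a caller-supplied object can return a subclass instance.

```java
import java.util.Arrays;
import java.util.Date;

public class ExposeRepDemo {
    // Leaky: the field, the constructor argument and the getter result are one object.
    static class Leaky {
        private Date expiry;
        private String[] roles;
        Leaky(Date expiry, String[] roles) { this.expiry = expiry; this.roles = roles; }
        Date getExpiry() { return expiry; }
        String[] getRoles() { return roles; }
    }

    // Hardened: copy on the way in and on the way out.
    static class Safe {
        private final Date expiry;
        private final String[] roles;
        Safe(Date expiry, String[] roles) {
            // Copy constructor instead of clone(): the result is always a plain Date.
            this.expiry = new Date(expiry.getTime());
            // A shallow array copy is enough here because String is immutable.
            this.roles = roles.clone();
        }
        Date getExpiry() { return new Date(expiry.getTime()); }
        String[] getRoles() { return roles.clone(); }
    }

    public static void main(String[] args) {
        // Constructed sample values.
        Leaky leaky = new Leaky(new Date(1_000L), new String[] {"user"});
        leaky.getExpiry().setTime(Long.MAX_VALUE);   // rewrites the internal Date
        leaky.getRoles()[0] = "admin";               // rewrites the internal array
        System.out.println("leaky: " + leaky.getExpiry().getTime()
                + " " + Arrays.toString(leaky.getRoles()));

        Date d = new Date(1_000L);
        String[] r = {"user"};
        Safe safe = new Safe(d, r);
        safe.getExpiry().setTime(Long.MAX_VALUE);    // changes only the returned copy
        safe.getRoles()[0] = "admin";                // changes only the returned copy
        d.setTime(0L);                               // the stored copy is unaffected
        r[0] = "admin";
        System.out.println("safe:  " + safe.getExpiry().getTime()
                + " " + Arrays.toString(safe.getRoles()));
    }
}
```

For an array whose elements are themselves mutable (for example `Date[]`), `clone()` copies only the array, so each element needs its own copy as well.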

