CWE-595

Comparison of Object References Instead of Object Contents

AI Translation Available

The product compares object references instead of the contents of the objects themselves, preventing it from detecting equivalent objects.

Status

incomplete

Abstraction

variant

Affected Platforms

Java JavaScript Not Language-Specific PHP

Extended Description

AI Translation

For example, in Java, comparing objects using == usually produces deceptive results, since the == operator compares object references rather than values; often, this means that using == for strings is actually comparing the strings' references, not their values.

Technical Details

AI Translation

Common Consequences

other

Impacts

varies by context

Detection Methods

automated static analysis

Potential Mitigations

Phases:

implementation

Descriptions:

• In Java, use the equals() method to compare objects instead of the == operator. If using ==, it is important for performance reasons that your objects are created by a static factory, not by a constructor.

AI Generated Translation

Common Consequences

altro

Impacts

varia dal contesto

Detection Methods

analisi statica automatizzata

Potential Mitigations

Phases:

implementazione

Descriptions:

• In Java, utilizza il metodo equals() per confrontare gli oggetti invece dell'operatore ==. Se utilizzi ==, è importante per motivi di prestazioni che i tuoi oggetti siano creati tramite una factory statica, e non tramite un costruttore.

CWE-595

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Iscriviti alla newsletter