Public Data Assigned to Private Array-Typed Field

Incomplete Variant

Structure: Simple

Description

This vulnerability occurs when a developer stores sensitive data in a private array, but then assigns a publicly accessible reference to that same array. This effectively makes all the private array's contents available to unauthorized code, bypassing intended access controls.

Extended Description

When you declare an array field as `private`, you're telling the system that external code shouldn't directly access it. However, if you then assign a public variable or return value to point to that same private array, you've created a backdoor. Any code with access to the public reference can now read, modify, or delete the supposedly private data, completely undermining your encapsulation. To prevent this, never expose references to your private arrays. Instead, return copies (defensive copies) of the array data or use immutable collections. Always validate that your getter methods or public fields don't provide direct access to mutable private objects, as this is a common oversight that leads to serious data exposure.

Common Consequences 1

Scope: Integrity

Impact: Modify Application Data

The contents of the array can be modified from outside the intended scope.

Detection Methods 1

Automated Static AnalysisHigh

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)

Potential Mitigations 1

Phase: Implementation

Do not allow objects to modify private members of a class.

Demonstrative Examples 1

In the example below, the setRoles() method assigns a publically-controllable array to a private field, thus allowing the caller to modify the private array directly by virtue of the fact that arrays in Java are mutable.

Code Example:Bad
Java
java

References 1

Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors

Katrina Tsipenyuk, Brian Chess, and Gary McGraw

NIST Workshop on Software Security Assurance Tools Techniques and Metrics • NIST

07-11-2005

https://samate.nist.gov/SSATTM_Content/papers/Seven%20Pernicious%20Kingdoms%20-%20Taxonomy%20of%20Sw%20Security%20Errors%20-%20Tsipenyuk%20-%20Chess%20-%20McGraw.pdf

ID: REF-6

Applicable Platforms

Languages:

C : UndeterminedC++ : UndeterminedJava : UndeterminedC# : Undetermined

Modes of Introduction

Implementation

Related Weaknesses

ChildOf:

Improper Control of a Resource Through its Lifetime (CWE-664)

Taxonomy Mapping

7 Pernicious Kingdoms
Software Fault Patterns