Returning a private object in Java

ShaqDiesel · 10-06-2007, 04:00 AM

In a book it says that returning a reference to a private instance variable of a class type(via an accessor method) can cause a privacy leak. Can someone show me a code example of this?

cheeseplz · 10-12-2007, 10:21 AM

I could, but that would require effort ;-)

Accessor methods are designed to provide read-only access to private (or protected) variables. Remember that primitive types such as int and float are passed and returned by value, whereas reference types (objects) are passed and returned by memory address.

What this means is, when you return an object, you return its memory address and nothing can stop the calling method from modifying the data stored at that memory location; i.e. you just gave the calling method write access to that private variable.

Hope that made sense ;-)

Cheers,
Lee

sibtay · 10-12-2007, 11:02 AM

Code:

public class MiscTest {
	public static void main(String args[]){
		
		Person p1 = new Person("person1");
		Height p1_h = p1.getHeight();
		p1_h.setInches(6);
		
		Height p1_h2 = p1.getHeight();
		System.out.println("Height  = " + p1_h2.getFeet() + 
							"feet And " + p1_h2.getInches() + 
							" Inches");
	}
}

class Person {
	private String name;
	private Height height;
	
	public Person(String p_name){
		name = p_name;
		height = new Height(5, 11);
	}
	
	public Height getHeight(){ return height; }
	
}

class Height {
	int feet;
	int inches;
	
	Height(int p_feet, int p_inches){
		feet = p_feet;
		inches = p_inches;
	}
	
	void setInches(int p_inches){
		inches = p_inches;
	}
	
	int getInches(){ return inches;};
	int getFeet(){ return feet;};
}

Here you go, inches should be "11" but they are now changed to "6" because:

Code:

Height p1_h = p1.getHeight();
p1_h.setInches(6);

broke the encapsulation and changed the value of a private data member.

This is so stupid!