Passing Mutable Objects to an Untrusted Method
Weakness ID: 375 (Weakness Base)Status: Draft
+ Description

Description Summary

Sending non-cloned mutable data as a return value may result in that data being altered or deleted by the calling function, thereby putting the class in an undefined state.
+ Time of Introduction
  • Implementation
+ Applicable Platforms






+ Common Consequences
Access Control

Potentially data could be tampered with by another function which should not have been tampered with.

+ Likelihood of Exploit


+ Demonstrative Examples

Example 1

(Bad Code)
Example Languages: C and C++ 
private: externalClass foo; public: void doStuff() {
//..//Modify foo
return foo;
(Bad Code)
Example Language: Java 
public class foo {
private externalClass bar = new externalClass();
public doStuff(...){

//..//Modify bar
return bar;
+ Potential Mitigations

Phase: Implementation

Pass in data which should not be altered as constant or immutable.

Phase: Implementation

Clone all mutable data before returning references to it. This is the preferred mitigation. This way, regardless of what changes are made to the data, a valid copy is retained for use by the class.

+ Other Notes

In situations where functions return references to mutable data, it is possible that this external code, which called the function, may make changes to the data sent. If this data was not previously cloned, you will be left with modified data which may, or may not, be valid in the context of the class in question.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory371State Issues
Development Concepts (primary)699
ChildOfWeakness ClassWeakness Class668Exposure of Resource to Wrong Sphere
Research Concepts (primary)1000
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
CLASPPassing mutable objects to an untrusted method
+ Content History
Submission DateSubmitterOrganizationSource
CLASPExternally Mined
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Applicable Platforms, Common Consequences, Relationships, Other Notes, Taxonomy Mappings