JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
Java

JAVA.IDEF.EQUALSNOHC : Defines equals but not hashCode (Java)

Summary

The hashCode() method seems needed.

Redefinitions of the equals()/hashCode() methods from java.lang.Object must be consistent in the sense that, for instance, if two objects are equals() then hashCode() must yield the same value on both. The validity of such a property is in general undecidable, but most incorrect definitions amount to simple cases, where one of the two methods is missing. However, it is often correct to redefine only one of those methods and the analyzer is aware of many such situations.

Inconsistent definitions of equals()/hashCode() induce unexpected behaviors when objects are put inside most Collection classes of the standard Java library.

Properties

Class Name Defines equals but not hashCode (Java)
Significance reliability
Mnemonic JAVA.IDEF.EQUALSNOHC
Categories
CWE CWE:581 Object Model Violation: Just One of Equals and Hashcode Defined
CERT-Java CERT-Java:MET09-J Classes that define an equals() method must also define a hashCode() method
Availability Available for Java and Kotlin.
Enabling Checks for this warning class are enabled by default. To disable them, add the following WARNING_FILTER rule to the project configuration file. 
WARNING_FILTER += discard class="Defines equals but not hashCode (Java)"

Example

Given the following code, it would be possible to create two objects X and Y such that:

// EqualsHashCode.java 
public class EqualsHashCode {
  private final String name;

  public EqualsHashCode(String name) {
    this.name = name;
  }

  @Override
  public boolean equals(Object other) { // "Defines equals but not hashCode (Java)" warning issued here
    return other instanceof EqualsHashCode && ((EqualsHashCode) other).name.equals(name);
  }
}

// B.java 
class B {
  private final String name;

  public B(String name) {
    this.name = name;
  }

  @Override
  public int hashCode() {
    return name.hashCode();
  }

  @Override
  public boolean equals(Object other) {
    return other instanceof B && ((B) other).name.equals(name);
  }
}

// C.java 
class C extends B {
  private final int age;

  public C(String name, int age) {
    super(name);

    this.age = age;
  }

  /* Two objects that are equal according to this definition 
   * must be equal according to super.equals(), and therefore also have the 
   * same hashCode() because this is inherited from the superclass. 
   * Therefore, no warning is issued for the missing hashCode() definition. 
   */ 
  @Override
  public boolean equals(Object other) {
    return super.equals(other) && other instanceof C && ((C) other).age == age;
  }
}

To resolve this, add the following definition (or similar) to class EqualsHashCode.

@Override
public int hashCode() {
    return name.hashCode();
}

Resolution

Make equals() consistent with hashCode(). In many cases, this just amounts to provide the missing definition for one of them.

Relevant Configuration File Parameters

The following configuration file parameters affect checks for this warning class.

 

To report problems with this documentation, please visit https://support.codesecure.com/.