Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!aioe.org!.POSTED!not-for-mail
From: Roedy Green <see_website@mindprod.com.invalid>
Newsgroups: comp.lang.java.programmer
Subject: Re: StringBuilder
Date: Sat, 17 Sep 2011 20:58:54 -0700
Organization: Canadian Mind Products
Lines: 16
Message-ID: <k2ra771tvpctof9v094t36ldo1g7escv3d@4ax.com>
References: <96f358c8-a024-40db-b60b-300186c2f813@o10g2000vby.googlegroups.com> <j41fik$3qb$1@news.albasani.net> <j52jgd$iij$1@dont-email.me> <vp7a77lp3e5oe4h79pnmv95vb4lu13spmc@4ax.com> <j53aom$m0$1@news.albasani.net>
Reply-To: Roedy Green <see_website@mindprod.com.invalid>
NNTP-Posting-Host: RCd/Ul4tyxGUBII8WGwa5g.user.speranza.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
X-Notice: Filtered by postfilter v. 0.8.2
X-Newsreader: Forte Agent 6.00/32.1186
Xref: x330-a1.tempe.blueboxinc.net comp.lang.java.programmer:8115

On Sun, 18 Sep 2011 01:33:41 +0200, Jan Burse <janburse@fastmail.fm>
wrote, quoted or indirectly quoted someone who said :

>The problem is invoking a method of an object that has access to
>the char[] and will do some write into the array between offset
>and offset+count of the string.

Exactly.  If there exists a reference to the char after it is inside
the String, that is a security breach, since it could be used to
modify the String.
-- 
Roedy Green Canadian Mind Products
http://mindprod.com
Your top priority should be fixing bugs. If you carry on development, 
you are just creating more places you will have to search for them.