Comparing Classes by Name

From Guidance Share
Revision as of 04:34, 7 August 2007 by GardenTender (talk | contribs)

Description

The practice of determining an object’s type based on its name is dangerous, since malicious code may purposely reuse a trusted class name in order to appear trusted.


Applies To

  • Languages: Java, .NET
  • Operating platforms: Any


Example

The following code shows a trust decision based upon class name:

if (inputClass.getClass().getName().equals("TrustedClassName")) {
    // Do something assuming you trust inputClass.
    // Any class that carries this name, whichever class loader defined it,
    // passes this check.
    // ...
}


Impact

  • Authorization: If a program bases code trust on the name of the object, it may execute the wrong (potentially malicious) code.


Vulnerabilities

  • Failure to use a strong mechanism for identifying classes or assemblies.


Countermeasures

  • Implementation: If you are using Java, use class equivalency to determine type. Rather than using the class name to determine if an object is of a given type, compare the result of getClass() with the == operator; a Class object is unique to its defining class loader, so a same-named class loaded elsewhere does not compare equal.
  • Implementation: If you are using .NET, use strong names to identify a trusted class.
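The following is an added example (not code from the original page) that puts the name-based check from the Example section beside the getClass() == countermeasure and shows how they differ. The class names ClassIdentityDemo, TrustedClassName and ImpostorLoader are assumptions for this example; the impostor loader re-defines the trusted class from its own bytes to stand in for untrusted code reusing the name, which passes the name check but fails the identity check.

```java
import java.io.IOException;
import java.io.InputStream;

public class ClassIdentityDemo {

    // Hypothetical trusted type; the name is an assumption for this example.
    public static class TrustedClassName {}

    // Vulnerable check from the page: trust is based only on the class name.
    static boolean trustedByName(Object inputClass) {
        return inputClass.getClass().getName().equals(TrustedClassName.class.getName());
    }

    // Countermeasure: compare Class objects by identity. A Class is unique to its
    // defining class loader, so a same-named class from another loader fails.
    static boolean trustedByIdentity(Object inputClass) {
        return inputClass.getClass() == TrustedClassName.class;
    }

    // A loader that defines its own copy of TrustedClassName from the same bytes,
    // standing in for an untrusted loader that reuses a trusted class name.
    static class ImpostorLoader extends ClassLoader {
        ImpostorLoader() { super(null); } // no parent: forces a fresh definition

        @Override
        protected Class<?> findClass(String name) throws ClassNotFoundException {
            String path = name.replace('.', '/') + ".class";
            try (InputStream in = ClassIdentityDemo.class.getClassLoader().getResourceAsStream(path)) {
                if (in == null) throw new ClassNotFoundException(name);
                byte[] bytes = in.readAllBytes(); // Java 9+
                return defineClass(name, bytes, 0, bytes.length);
            } catch (IOException e) {
                throw new ClassNotFoundException(name, e);
            }
        }
    }

    public static void main(String[] args) throws Exception {
        Object genuine = new TrustedClassName();
        Class<?> impostorClass = new ImpostorLoader().loadClass(TrustedClassName.class.getName());
        Object impostor = impostorClass.getDeclaredConstructor().newInstance();

        System.out.println("genuine  by name: " + trustedByName(genuine)
                + ", by identity: " + trustedByIdentity(genuine));
        System.out.println("impostor by name: " + trustedByName(impostor)
                + ", by identity: " + trustedByIdentity(impostor));
    }
}
```

Compile with javac and run the resulting class file (the single-file source launcher keeps classes in memory, so getResourceAsStream would not find the bytes).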


Vulnerability Patterns


How Tos