<div>
<div class="content wysiwyg-content">
Hi,<br />
I am attaching a screenshot from a code in effective java book. In this the author says &nbsp;- <br />

<blockquote>
Note that defensive copies are made before checking the validity of the parameters (Item 38), and the validity check is performed on the copies rather than on the originals. While this may seem unnatural, it is nec- essary. It protects the class against changes to the parameters from another thread during the “window of vulnerability” between the time the parameters are checked and the time they are copied. (In the computer security community, this is known as a time-of-check/time-of-use or TOCTOU
</blockquote>
<a href="https://filedb.experts-exchange.com/incoming/2018/01_w05/1267943/Screen-Shot-2018-02-01-at-12.16.36-A.png" target="_blank" title="Screen-Shot-2018-02-01-at-12.16.36-A.png (794 KB)"><img alt="Screen-Shot-2018-02-01-at-12.16.36-A.png" class="file-block lazyload" style="max-width: 800px;" data-src="https://filedb.experts-exchange.com/incoming/2018/01_w05/800_1267943/Screen-Shot-2018-02-01-at-12.16.36-A.png" /></a>I dont get this window of vulnerability thing. What exactly he is talking about.. Please suggest an example where the check was done before the assignment and due to some multithreaded thing There was an issue. <br />
Thanks
</div>
</div>


Screen-Shot-2018-02-01-at-12.16.36-A.png

Hi,
I am attaching a screenshot from a code in effective java book. In this the author says  - 
Note that defensive copies are made before checking the validity of the parameters (Item 38), and the validity check is performed on the copies rather than on the originals. While this may seem unnatural, it is nec- essary. It protects the class against changes to the parameters from another thread during the “window of vulnerability” between the time the parameters are checked and the time they are copied. (In the computer security community, this is known as a time-of-check/time-of-use or TOCTOU

I dont get this window of vulnerability thing. What exactly he is talking about.. Please suggest an example where the check was done before the assignment and due to some multithreaded thing There was an issue. 
Thanks

How does java function becomes vulnerable if the order is changed

Java is a platform-independent, object-oriented programming language and run-time environment, designed to have as few implementation dependencies as possible such that developers can write one set of code across all platforms using libraries. Most devices will not run Java natively, and require a run-time component to be installed in order to execute a Java program.