
Static Code Inspection Report.docx
Conference and Exhibition Static Code Detection Report

Detection tool: FindBugs

FindBugs inspects class files or JAR files and compares the bytecode against a set of bug patterns to find code defects, thereby performing static code analysis. FindBugs provides a graphical UI and can also be used as an Eclipse plugin. This document mainly uses FindBugs as an Eclipse plugin. After successful installation, a FindBugs perspective is added to Eclipse. The user can run FindBugs on a specified Java class or JAR file, at which point FindBugs traverses the specified files and performs static code analysis.

The system's detection results are summarized as follows:

(1) Scary(7):

1) High confidence(4):

① Impossible Cast(3):

Bug: Impossible cast from org.activiti.bpmn.model.SequenceFlow to org.activiti.bpmn.model.UserTask in com.hte.util.ActFlowUtils.addStartEventComment(String)

This cast will always throw a ClassCastException. FindBugs tracks type information from instanceof checks, and also uses more precise information about the types of values returned from methods and loaded from fields. Thus, it may have more precise information that just the declared type of a variable, and can use this to determine that a cast will always throw an exception at runtime.

Rank: Scary (9), confidence: High
Pattern: BC_IMPOSSIBLE_CAST
Type: BC, Category: CORRECTNESS (Correctness)

a) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/util/ActFlowUtils.java:350 Impossible cast from org.activiti.bpmn.model.SequenceFlow to org.activiti.bpmn.model.UserTask in com.hte.util.ActFlowUtils.getNextFlowNodesByInstance(String, String) [Scary(9), High confidence]
b) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/util/ActFlowUtils.java:340 Impossible cast from org.activiti.bpmn.model.SequenceFlow to org.activiti.bpmn.model.UserTask in com.hte.util.ActFlowUtils.getNextFlowNodesByInstance(String, String) [Scary(9), High confidence]
c) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/util/ActFlowUtils.java:406 Impossible cast from org.activiti.bpmn.model.SequenceFlow to org.activiti.bpmn.model.UserTask in com.hte.util.ActFlowUtils.addStartEventComment(String) [Scary(9), High confidence]

② Possible null pointer dereference(1):

Bug: Possible null pointer dereference of paymentOrder in com.hte.service.impl.ExhiPaymentOrderServiceImpl.delPaymentOrderInfo(Long)

There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception can't ever be executed; deciding that is beyond the ability of FindBugs.

Rank: Scary (6), confidence: High
Pattern: NP_NULL_ON_SOME_PATH
Type: NP, Category: CORRECTNESS (Correctness)

a) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiPaymentOrderServiceImpl.java:326 Possible null pointer dereference of paymentOrder in com.hte.service.impl.ExhiPaymentOrderServiceImpl.delPaymentOrderInfo(Long) [Scary(6), High confidence]

2) Normal confidence(1):

① Possible null pointer dereference(1):

Bug: Possible null pointer dereference of paymentOrder in com.hte.service.impl.ExhiPaymentOrderServiceImpl.delPaymentOrderInfo(Long)

There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception can't ever be executed; deciding that is beyond the ability of FindBugs.

Rank: Scary (6), confidence: High
Pattern: NP_NULL_ON_SOME_PATH
Type: NP, Category: CORRECTNESS (Correctness)

a) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiIncomeSettlementServiceImpl.java:133 Possible null pointer dereference of coaShare in com.hte.service.impl.ExhiIncomeSettlementServiceImpl.submitProposerConfirm(IncomeDTO) [Scary(8), Normal confidence]
b) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiProviderServiceImpl.java:144 Possible null pointer dereference of approvalRate in com.hte.service.impl.ExhiProviderServiceImpl.submitToDutyManager(Map) [Scary(8), Normal confidence]
c) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiMainInfoServiceImpl.java:210 Possible null pointer dereference of dutyManager in com.hte.service.impl.ExhiMainInfoServiceImpl.saveReceptionistAndSummary(String, String, List, User) [Scary(8), Normal confidence]

(2) Troubling(10):

1) High confidence(1):

① Comparison of String parameter using == or != (1):

Bug: Comparison of String parameter using == or != in com.htr.util.StringUtil.checkEmail(String)

This code compares a java.lang.String parameter for reference equality using the == or != operators. Requiring callers to pass only String constants or interned strings to a method is unnecessarily fragile, and rarely leads to measurable performance gains. Consider using the equals(Object) method instead.

Rank: Troubling (14), confidence: High
Pattern: ES_COMPARING_PARAMETER_STRING_WITH_EQ
Type: ES, Category: BAD_PRACTICE (Bad practice)

a) D:/Issmart/HTExhibition/HTReception-Common/src/com/htr/util/StringUtil.java:102 Comparison of String parameter using == or != in com.htr.util.StringUtil.checkEmail(String) [
