Code scanning findings and how to fix them (reposted for reference)

Updated: 2023-05-22 21:21:19

1. LI_LAZY_INIT_UPDATE_STATIC: Incorrect lazy initialization and update of static field
This method contains an unsynchronized lazy initialization of a static field. After the field is set, the object stored into that location is further updated or accessed. The setting of the field is visible to other threads as soon as it is set. If the further accesses in the method that set the field serve to initialize the object, then you have a very serious multithreading bug, unless something else prevents any other thread from accessing the stored object until it is fully initialized.
Cause analysis:
The method lazily initializes a static field, typically a class-level static variable. When several threads call the method at the same time, that variable is subject to a thread-safety problem, unless something else prevents every other thread from accessing the stored object until it has been fully initialized.
Fix: add the synchronized lock to the method, and also to every other method that accesses the static field.
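As an added example (not from the original post), the shape this warning flags, next to the post's synchronized fix and the initialization-on-demand holder idiom; the class and field names are hypothetical.

```java
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

// Added example, not from the original post: the shape LI_LAZY_INIT_UPDATE_STATIC flags,
// next to the post's synchronized fix and the holder idiom. Names are hypothetical.
public class ConfigCache {

    // Flagged form: the static field is published first and filled in afterwards.
    private static Map<String, String> unsafeCache;

    public static Map<String, String> getUnsafe() {
        if (unsafeCache == null) {
            unsafeCache = new HashMap<>();        // other threads can see the field now...
            unsafeCache.put("mode", "strict");    // ...while it is still being initialized
        }
        return unsafeCache;                       // a second thread may get an empty map
    }

    // Fix 1 (the post's suggestion): synchronize the initializing method, and build
    // the object completely before assigning it to the field.
    private static Map<String, String> syncCache;

    public static synchronized Map<String, String> getSynchronized() {
        if (syncCache == null) {
            Map<String, String> m = new HashMap<>();
            m.put("mode", "strict");
            syncCache = m;                        // published only once fully built
        }
        return syncCache;
    }

    // Fix 2: initialization-on-demand holder. Class initialization is guaranteed to run
    // once, and its result is visible to every thread that reads INSTANCE afterwards.
    private static final class Holder {
        static final Map<String, String> INSTANCE = build();

        private static Map<String, String> build() {
            Map<String, String> m = new HashMap<>();
            m.put("mode", "strict");
            return Collections.unmodifiableMap(m);
        }
    }

    public static Map<String, String> getHolder() {
        return Holder.INSTANCE;
    }
}
```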
2. RR_NOT_CHECKED: Method ignores results of InputStream.read()
This method ignores the return value of one of the variants of java.io.InputStream.read() which can return multiple bytes. If the return value is not checked, the caller will not be able to correctly handle the case where fewer bytes were read than the caller requested. This is a particularly insidious kind of bug, because in many programs, reads from input streams usually do read the full amount of data requested, causing the program to fail only sporadically.
Cause analysis: the number of bytes actually returned by read() is never checked.
Fix: assign the method's return value to a variable and check it, e.g. while ((number = is.read(bs)) != -1) {}
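As an added example (not from the original post), the short-read bug this warning describes, a helper that reads exactly the requested number of bytes, and a constructed stream that hands out one byte per call so the difference is visible; all names are hypothetical.

```java
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;

// Added example, not from the original post: the short-read bug behind RR_NOT_CHECKED,
// a helper that reads exactly n bytes, and a constructed stream that returns one byte per call.
public class ReadFully {
    // Flagged form: assumes a single read() fills the buffer. Sockets, pipes and
    // decompressing streams regularly return less, leaving the tail of buf as zeros.
    static byte[] readHeaderUnchecked(InputStream in, int n) throws IOException {
        byte[] buf = new byte[n];
        in.read(buf);                         // return value ignored
        return buf;
    }

    // Fixed form: keep reading until n bytes have arrived; a premature -1 is an error,
    // not a zero-filled header handed silently to the parser.
    static byte[] readHeader(InputStream in, int n) throws IOException {
        byte[] buf = new byte[n];
        int off = 0;
        while (off < n) {
            int got = in.read(buf, off, n - off);
            if (got == -1) {
                throw new EOFException("stream ended after " + off + " of " + n + " bytes");
            }
            off += got;
        }
        return buf;
    }
    // Constructed short-read simulation: never returns more than one byte per call.
    static InputStream oneByteAtATime(byte[] data) {
        return new ByteArrayInputStream(data) {
            @Override
            public synchronized int read(byte[] b, int off, int len) {
                return super.read(b, off, Math.min(len, 1));
            }
        };
    }

    public static void main(String[] args) throws IOException {
        byte[] data = "HEADER-1".getBytes(StandardCharsets.US_ASCII);   // constructed input
        byte[] bad = readHeaderUnchecked(oneByteAtATime(data), data.length);  // only 'H' is set
        byte[] good = readHeader(oneByteAtATime(data), data.length);          // all 8 bytes set
        System.out.println(new String(bad, StandardCharsets.US_ASCII).trim());
        System.out.println(new String(good, StandardCharsets.US_ASCII));
    }
}
```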
3. RV_RETURN_VALUE_IGNORED_BAD_PRACTICE: Method ignores exceptional return value
This method returns a value that is not checked. The return value should be checked since it can indicate an unusual or unexpected function execution. For example, the File.delete() method returns false if the file could not be successfully deleted (rather than throwing an Exception). If you don't check the result, you won't notice if the method invocation signals unexpected behavior by returning an atypical return value.
Cause analysis: the method ignores a return value that signals an exceptional condition.
Fix:
Original code:
    if (file.exists()) {
        file.delete();
    }
Modified code (the boolean result of delete() is now checked as well, otherwise the warning remains):
    try {
        if (!file.delete()) {
            Utils.logger.info("Failed to delete " + file);
        }
    } catch (SecurityException e) {
        Utils.logger.info(e);
    } catch (NullPointerException e) {
        Utils.logger.info(e);
    }
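As an added example (not from the original post), the return-value check for File.delete() beside the java.nio alternative, which reports failure as an exception so there is no boolean to forget; names are hypothetical and the temp file is created by the example itself.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;

// Added example, not from the original post: checking File.delete()'s boolean result,
// and the java.nio alternative that reports failure as an exception instead.
public class SafeDelete {

    // Flagged form: delete() returning false (no permission, open handle on Windows,
    // non-empty directory) goes unnoticed and the file silently survives.
    static void deleteUnchecked(File f) {
        f.delete();   // RV_RETURN_VALUE_IGNORED_BAD_PRACTICE
    }

    // Fixed form A: test the return value and surface the failure.
    static boolean deleteChecked(File f) {
        if (!f.exists()) {
            return true;                 // nothing to do
        }
        boolean ok = f.delete();
        if (!ok) {
            System.err.println("could not delete " + f.getAbsolutePath());
        }
        return ok;
    }

    // Fixed form B: Files.delete throws IOException with the reason, so the caller
    // must either handle or propagate the failure.
    static void deleteOrThrow(File f) throws IOException {
        Files.delete(f.toPath());
    }

    public static void main(String[] args) throws IOException {
        File tmp = File.createTempFile("scan-demo", ".txt");   // constructed sample file
        System.out.println("first delete ok: " + deleteChecked(tmp));
        System.out.println("second delete ok: " + deleteChecked(tmp)); // already gone, treated as success
        try {
            deleteOrThrow(tmp);
        } catch (IOException e) {
            System.out.println("nio reports: " + e);   // NoSuchFileException for the missing file
        }
    }
}
```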
4. SE_BAD_FIELD: Non-transient non-serializable instance field in serializable class
This Serializable class defines a non-primitive instance field which is neither transient, Serializable, or java.lang.Object, and does not appear to implement the Externalizable interface or the readObject() and writeObject() methods. Objects of this class will not be deserialized correctly if a non-Serializable object is stored in this field.
Cause analysis: a serializable class defines a field whose type is not serializable.
Fix: mark the field transient so that it is excluded from serialization.
5. NP_NULL_ON_SOME_PATH_EXCEPTION: Possible null pointer dereference in method on exception path
A reference value which is null on some exception control path is dereferenced here. This may lead to a NullPointerException when the code is executed. Note that because FindBugs currently does not prune infeasible exception paths, this may be a false warning. Also note that FindBugs considers the default case of a switch statement to be an exception path, since the default case is often infeasible.
Cause analysis: some code paths may raise a null pointer exception.
Fix: add a null check.
6. NP_NULL_PARAM_DEREF: Method call passes null for non-null parameter
This method call passes a null value for a non-null method parameter. Either the parameter is annotated as a parameter that should always be non-null, or analysis has shown that it will always be dereferenced.
Cause analysis: the case of a null argument is not handled.
Fix: add a null check.
7. NP_NULL_ON_SOME_PATH: Possible null pointer dereference
There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception can't ever be executed; deciding that is beyond the ability of FindBugs.
Cause analysis: a null reference may be dereferenced.
Fix: either add a null check or comment the statement out (e.g. System.out calls).
8. NP_UNWRITTEN_FIELD: Read of unwritten field
The program is dereferencing a field that does not seem to ever have a non-null value written to it. Dereferencing this value will generate a null pointer exception.
Cause analysis: the field is never written to; delete it if it is not needed.
Fix: either assign it a value or comment it out.
9. DMI_INVOKING_TOSTRING_ON_ARRAY: Invocation of toString on an array
The code invokes toString on an array, which will generate a fairly useless result such as [C@16f0472. Consider using Arrays.toString to convert the array into a readable String that gives the contents of the array. See Programming Puzzlers, chapter 3, puzzle 12.
Cause analysis: the code calls toString() on an array, producing output like [C@16f0472 that does not show the array's actual contents.
Fix: convert it with the Arrays.toString() method, or with new String(X, "gbk") for a byte array.
10. UWF_UNWRITTEN_FIELD: Unwritten field
This field is never written. All reads of it will return the default value. Check for errors (should it have been initialized?), or remove it if it is useless.
Cause analysis: the field has never been assigned a value.
Fix: either comment the field out or initialize it.
11. RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE: Redundant nullcheck of value known to be non-null
This method contains a redundant check of a known non-null value against the constant null.
Cause analysis: the method contains a place where a possibly null value is not checked.
Fix: check for null first, then perform the operation.
12. EI_EXPOSE_REP: May expose internal representation by returning reference to mutable object
Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.
Cause analysis: returning a reference to a mutable object that is stored in one of the object's fields exposes the object's internal representation. If untrusted code can access the instance, or the mutable object is changed without any check, the object's security and other important properties are at risk. Returning a new copy of the object is the better approach in many situations. This situation commonly arises when writing a JavaBean whose member variable is of an object type.
Fix:
Source code:
    import java.util.Date;

    public class StudentBean
    {
        private Date addDate;
        public Date getAddDate()
        {
            return addDate;
        }
    }
Modified code:
    import java.util.Date;

    public class StudentBean
    {
        private Date addDate;
        public Date getAddDate()
        {
            if (addDate == null)
            {
                return null;
            }
            return (Date) addDate.clone();
        }
    }
13. EI_EXPOSE_REP2: May expose internal representation by incorporating reference to mutable object
This code stores a reference to an externally mutable object into the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.
Cause analysis: this code stores a reference to an externally mutable object in the object's internal representation. If untrusted code can access the instance, or the mutable object is changed without any check, the object and its important properties are at risk. Storing a copy of the object is the better approach in many situations.
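As an added example (not from the original post) covering both items 12 and 13, defensive copies on the way out (EI_EXPOSE_REP) and on the way in (EI_EXPOSE_REP2); StudentBean is the post's class name, while the roles field, the setters and the main() check are additions.

```java
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
// Added example, not from the original post, serving items 12 and 13: defensive copies
// both ways. StudentBean is the post's name; roles, the setters and main() are additions.
public class StudentBean {
    private Date addDate;
    private final List<String> roles = new ArrayList<>();
    // EI_EXPOSE_REP2 fix: copy the caller's Date, so their later changes do not leak in.
    public void setAddDate(Date d) {
        this.addDate = (d == null) ? null : new Date(d.getTime());
    }
    // EI_EXPOSE_REP fix: hand back a copy, so callers cannot rewind the stored date.
    public Date getAddDate() {
        return (addDate == null) ? null : (Date) addDate.clone();
    }
    // Same idea for collections: copy in, expose a read-only view out.
    public void setRoles(List<String> r) {
        roles.clear();
        if (r != null) {
            roles.addAll(r);
        }
    }
    public List<String> getRoles() {
        return Collections.unmodifiableList(roles);
    }
    public static void main(String[] args) {
        StudentBean s = new StudentBean();
        Date d = new Date(1_000_000L);   // constructed sample value
        s.setAddDate(d);
        d.setTime(0L);                   // caller alters their own Date after handing it over
        System.out.println(s.getAddDate().getTime());   // the bean kept its own copy
        List<String> in = new ArrayList<>(List.of("viewer"));
        s.setRoles(in);
        in.add("admin");                 // caller mutates their list after handing it over
        System.out.println(s.getRoles());               // the bean's list is unaffected
        try {
            s.getRoles().add("admin");   // the exposed view rejects modification
        } catch (UnsupportedOperationException e) {
            System.out.println("roles view is read-only");
        }
    }
}
```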

Article link: https://www.wtabcd.cn/fanwen/fan/90/118777.html