New bug type: AA_ASSERTION_OF_ARGUMENTS #2125
Using assertions to validate arguments of public functions is a bad and dangerous practice because the validation does not happen if assertions are disabled, thus the behavior of the program depends on this compilation option. Therefore, we introduced a new detector `FindArgumentAssertions` to detect such cases and report `AA_ASSERTION_OFR_ARGUMENTS` for each of them.

Co-authored-by: Gábor Kutas <@vodorok>
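The pattern the description warns about, next to a check that does not depend on the assertion setting. This is an added example, not code from the PR or from SpotBugs; the class and method names are hypothetical. Run it once with `java ArgumentAssertionDemo` and once with `java -ea ArgumentAssertionDemo` to compare the two behaviours.

```java
public class ArgumentAssertionDemo {

    // Pattern under discussion: a public method validates its argument
    // with assert. When assertions are disabled (the JVM default), the
    // check is skipped and the out-of-range value is used as-is.
    public static int percentOfAsserted(int total, int percent) {
        assert percent >= 0 && percent <= 100 : "percent out of range";
        return total * percent / 100;
    }

    // Explicit validation: runs whether or not assertions are enabled,
    // so callers always get the same contract.
    public static int percentOfChecked(int total, int percent) {
        if (percent < 0 || percent > 100) {
            throw new IllegalArgumentException("percent out of range: " + percent);
        }
        return total * percent / 100;
    }

    public static void main(String[] args) {
        // Standard idiom: the assignment only executes when assertions are on.
        boolean assertionsOn = false;
        assert assertionsOn = true;
        System.out.println("assertions enabled: " + assertionsOn);

        int total = 200;
        int badPercent = 150; // constructed invalid input

        try {
            int result = percentOfAsserted(total, badPercent);
            System.out.println("assert-based check accepted input, result = " + result);
        } catch (AssertionError e) {
            System.out.println("assert-based check rejected input: " + e.getMessage());
        }

        try {
            int result = percentOfChecked(total, badPercent);
            System.out.println("explicit check accepted input, result = " + result);
        } catch (IllegalArgumentException e) {
            System.out.println("explicit check rejected input: " + e.getMessage());
        }
    }
}
```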
128604d to 0494ea4
I don't understand why I strongly believe that |
Thank you for your comment, @iloveeclipse! Actually, I believe that |
Could someone take a look at this one, please? @ThrawnCA or @KengoTODA? |
Fix FP in Argument Assert (MET01)
Merge master SEI_CERT_MET01_J
# Conflicts: # CHANGELOG.md # spotbugs/etc/findbugs.xml # spotbugs/etc/messages.xml
Master merge SEI_CERT_MET01_J
Thanks @baloghadamsoftware |