SER11-J. Prevent overwriting of externalizable objects #2426

Merged
merged 13 commits into from
Jun 9, 2023

PatrikScully

I extended the SerializableIdiom detector to check the readExternal() function for the SER11-J bug.
I created several test classes to make sure that every assigned class variable needs to be in an if condition. Also, I checked that the variable in the if condition will get a new value (so the initialized variable in the example changes value).
I ran the extended detector for some larger repositories like ElasticSearch, but I didn't get any false-positive findings.


Make sure these boxes are checked before submitting your PR -- thank you!

  • Added an entry into CHANGELOG.md if you have changed SpotBugs code
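
For readers unfamiliar with SER11-J, the two `readExternal()` shapes the description above distinguishes look like this. This is an added example, not code from this pull request or from the SpotBugs test suite; the class names `Ser11Example`, `Unguarded` and `Guarded` and their fields are hypothetical.

```java
import java.io.Externalizable;
import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectOutput;

public class Ser11Example {
    // Noncompliant: readExternal() is public, so any caller holding a reference
    // can invoke it again and overwrite the fields from a stream it controls.
    public static class Unguarded implements Externalizable {
        private String name;
        private int uid;
        public Unguarded() {}                      // required by Externalizable
        public Unguarded(String n, int u) { name = n; uid = u; }
        @Override public void writeExternal(ObjectOutput out) throws IOException {
            out.writeUTF(name);
            out.writeInt(uid);
        }
        @Override public void readExternal(ObjectInput in) throws IOException {
            name = in.readUTF();                   // fields assigned with no guard
            uid = in.readInt();
        }
    }

    // Guarded: fields are assigned only inside the if, and the flag tested
    // there is then set, so a second call cannot overwrite existing state.
    public static class Guarded implements Externalizable {
        private String name;
        private int uid;
        private boolean initialized = false;
        public Guarded() {}
        public Guarded(String n, int u) { name = n; uid = u; initialized = true; }
        @Override public synchronized void writeExternal(ObjectOutput out) throws IOException {
            out.writeUTF(name);
            out.writeInt(uid);
        }
        @Override public synchronized void readExternal(ObjectInput in) throws IOException {
            if (!initialized) {
                name = in.readUTF();
                uid = in.readInt();
                initialized = true;                // guard variable gets a new value
            } else {
                throw new IllegalStateException("already initialized");
            }
        }
    }
}
```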

@hazendaz hazendaz merged commit ae955a3 into spotbugs:master Jun 9, 2023
2 of 4 checks passed
@PatrikScully PatrikScully deleted the feature/SER11-J branch September 30, 2023 08:39
@hazendaz hazendaz added this to the SpotBugs 4.8.0 milestone Dec 18, 2023