SONAR 抱怨改变条件,使其并不总是评估为“假".

2022-01-17 00:00:00 sonarqube java maven

public String generateURLSafeToken(String username, char[] password) throws CredentialTokenException {this.tokenValid = false;字符串令牌 = null;if ((username.length() < 1) || (username == null)) {throw new CredentialTokenException("用户名不能为空字符串或 null.");}if ((password.length < 1) || (password == null)) {throw new CredentialTokenException("密码不能为空或 null.");}

<块引用>

我在第 4 行和第 7 行遇到此错误(用户名 == null 和密码 == null)

我的代码中需要这部分.我正在尝试 isEmpty() 而不是 null 但也面临着问题.解决此 SONAR 错误的替代方法或解决方案是什么

解决方案

总是计算结果为 false 的条件是 username == nullpassword ==空.

我们以username为例.运算符 || 是 短路 意味着它赢了'如果左侧为 true,则不计算右侧.基本上有两种情况:

  • 给定的 username 不是 null.条件 username.length() <1 被评估
    • 如果结果为true,我们直接返回,进入if分支
    • 如果结果是 false,我们会尝试评估 username == null.但是由于给出的 username 不是 null,因此 always 的计算结果为 false.
  • 给定的 usernamenull.条件 username.length() <1 被评估.这实际上停在那里:它会抛出一个 NullPointerException 并且不会评估右侧.

因此,您可以看到,无论何时实际评估 username == null 条件,结果始终为 false.这就是 SonarQube 警告告诉您的内容.

这里的解决方案是颠倒您的 2 个条件.考虑拥有

if (username == null || username.length() < 1)

相反.如果您重新开始并检查每个案例,您会注意到没有一个表达式将始终具有相同的结果:

  • 给定的 username 不是 null.第一个条件明确评估为 false,第二个条件被评估,可能返回 truefalse.
  • 给定的 usernamenull.第一个条件明确评估为 true 和短路.

public String generateURLSafeToken(String username, char[] password) throws CredentialTokenException {
    this.tokenValid = false;

    String token = null;
    if ((username.length() < 1) || (username == null)) {
        throw new CredentialTokenException("Username cannot be an empty string or null.");
    }
    if ((password.length < 1) || (password == null)) {
        throw new CredentialTokenException("Password cannot be an empty or null.");
    }

I am facing this error in line 4 and line 7 (username == null and password == null)

And I need this part in my code. I am trying isEmpty() instead of null but facing problems in that also . What is an alternate way or the solution to fix this SONAR error

解决方案

The conditions which always evaluates to false are username == null and password == null.

Let's take the example of username. The operator || is short-circuiting meaning it won't evaluate the right hand side if the left hand side is true. Basically, there are 2 cases:

  • The username given is not null. The condition username.length() < 1 is evaluated
    • If the result is true, we return directly and enter the if branch
    • If the result is false, we try to evaluate username == null. But since the username given is not null, this always evaluate to false.
  • The username given is null. The condition username.length() < 1 is evaluated. This actually stops right there: it will throw a NullPointerException and will not evaluate the right hand side.

Therefore, you can see that whenever the username == null condition was actually evaluated, the result was always false. This is what the SonarQube warning is telling you.

The solution here is to reverse your 2 conditions. Consider having

if (username == null || username.length() < 1)

instead. If you start over and go through each case, you'll notice that none of the expressions will always have the same result:

  • The username given is not null. First condition clearly evaluates to false and the second is evaluated, which may return true or false.
  • The username given is null. The first condition clearly evaluated to true and short-circuits.

相关文章