差異處
這裏顯示兩個版本的差異處。
下次修改 | 前次修改 | ||
java:findbug [2020/08/02 18:02] tony 建立 |
java:findbug [2023/06/25 09:48] (目前版本) |
||
---|---|---|---|
行 1: | 行 1: | ||
- | {{tag>findbug spotbug}} | + | {{tag>findbug spotbugs}} |
- | ====== FindBug / SpotBug ====== | + | ====== FindBug / SpotBugs ====== |
===== Introduction ===== | ===== Introduction ===== | ||
能夠幫你找到code內不好的'味道'與隱藏的bug,下面的內容是我邊修邊記錄的內容。友藏內心的獨白: 真的找的到bug!\\ | 能夠幫你找到code內不好的'味道'與隱藏的bug,下面的內容是我邊修邊記錄的內容。友藏內心的獨白: 真的找的到bug!\\ | ||
(*代表我認為最容易犯的錯!) | (*代表我認為最容易犯的錯!) | ||
+ | ===== Articles ===== | ||
+ | * [[java:findbug:plugins:find-sec-bugs|Plugin - Find Security Bugs]] | ||
+ | |||
+ | ===== Fix bugs ===== | ||
==== Bad Practice ==== | ==== Bad Practice ==== | ||
* [[.:code_quality:findbug:NM_METHOD_NAMING_CONVENTION]] | * [[.:code_quality:findbug:NM_METHOD_NAMING_CONVENTION]] | ||
行 27: | 行 31: | ||
* [[.:code_quality:findbug:NP_NULL_ON_SOME_PATH]] | * [[.:code_quality:findbug:NP_NULL_ON_SOME_PATH]] | ||
* [[.:code_quality:findbug:BIT_IOR_OF_SIGNED_BYTE]] * | * [[.:code_quality:findbug:BIT_IOR_OF_SIGNED_BYTE]] * | ||
- | |||
==== MALICIOUS_CODE ==== | ==== MALICIOUS_CODE ==== | ||
* [[.:code_quality:findbug:EI_EXPOSE_REP1]] * | * [[.:code_quality:findbug:EI_EXPOSE_REP1]] * | ||
* [[.:code_quality:findbug:EI_EXPOSE_REP2]] * | * [[.:code_quality:findbug:EI_EXPOSE_REP2]] * | ||
+ | ==== Security ==== | ||
+ | * [[java:sonarlint:fixbug:s2275|XXE_DOCUMENT - XML parsing vulnerable to XXE (DocumentBuilder)]] | ||
+ | * [[java:sonarlint:fixvulnerability:s4423|SSL_CONTEXT - SSLContext needs to be compatible with TLS 1.2]] | ||
+ | ===== ===== | ||
+ | ---- | ||
+ | \\ | ||
+ | ~~DISQUS~~ |