代码静态检查报告-会务会展.docx

会务会展静态代码检测报告检测工具：FindBugsFindBugs通过检查类文件或 JAR文件，将字节码与一组缺陷模式进行对比从而发现代码缺陷，完成静态代码分析。FindBugs既提供可视化 UI 界面，同时也可以作为 Eclipse插件使用。文本将主要使用将 FindBugs作为 Eclipse插件。在安装成功后会在 eclipse中增加 FindBugs perspective，用户可以对指定 Java类或 JAR文件运行 FindBugs，此时 FindBugs会遍历指定文件，进行静态代码分析。系统检测结果整理如下：（1）Scary(7)：1）High confidence(4)： Impossible Cast(3)：Bug: Impossible cast from org.activiti.bpmn.model.SequenceFlow to org.activiti.bpmn.model.UserTask in com.hte.util.ActFlowUtils.addStartEventComment(String)This cast will always throw a ClassCastException. FindBugs tracks type information from instanceof checks, and also uses more precise information about the types of values returned from methods and loaded from fields. Thus, it may have more precise information that just the declared type of a variable, and can use this to determine that a cast will always throw an exception at runtime. Rank: Scary (9), confidence: HighPattern: BC_IMPOSSIBLE_CAST Type: BC, Category: CORRECTNESS (Correctness)a) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/util/ActFlowUtils.java:350 Impossible cast from org.activiti.bpmn.model.SequenceFlow to org.activiti.bpmn.model.UserTask in com.hte.util.ActFlowUtils.getNextFlowNodesByInstance(String, String) Scary(9), High confidenceb) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/util/ActFlowUtils.java:340 Impossible cast from org.activiti.bpmn.model.SequenceFlow to org.activiti.bpmn.model.UserTask in com.hte.util.ActFlowUtils.getNextFlowNodesByInstance(String, String) Scary(9), High confidencec) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/util/ActFlowUtils.java:406 Impossible cast from org.activiti.bpmn.model.SequenceFlow to org.activiti.bpmn.model.UserTask in com.hte.util.ActFlowUtils.addStartEventComment(String) Scary(9), High confidence Possible null pointer dereference(1):Bug: Possible null pointer dereference of paymentOrder in com.hte.service.impl.ExhiPaymentOrderServiceImpl.delPaymentOrderInfo(Long)There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception cant ever be executed; deciding that is beyond the ability of FindBugs. Rank: Scary (6), confidence: HighPattern: NP_NULL_ON_SOME_PATH Type: NP, Category: CORRECTNESS (Correctness)a) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiPaymentOrderServiceImpl.java:326 Possible null pointer dereference of paymentOrder in com.hte.service.impl.ExhiPaymentOrderServiceImpl.delPaymentOrderInfo(Long) Scary(6), High confidence2) Normal confidence(1): Possible null pointer dereference(1):Bug: Possible null pointer dereference of paymentOrder in com.hte.service.impl.ExhiPaymentOrderServiceImpl.delPaymentOrderInfo(Long)There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception cant ever be executed; deciding that is beyond the ability of FindBugs. Rank: Scary (6), confidence: HighPattern: NP_NULL_ON_SOME_PATH Type: NP, Category: CORRECTNESS (Correctness)a) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiIncomeSettlementServiceImpl.java:133 Possible null pointer dereference of coaShare in com.hte.service.impl.ExhiIncomeSettlementServiceImpl.submitProposerConfirm(IncomeDTO) Scary(8), Normal confidenceb) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiProviderServiceImpl.java:144 Possible null pointer dereference of approvalRate in com.hte.service.impl.ExhiProviderServiceImpl.submitToDutyManager(Map) Scary(8), Normal confidencec) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiMainInfoServiceImpl.java:210 Possible null pointer dereference of dutyManager in com.hte.service.impl.ExhiMainInfoServiceImpl.saveReceptionistAndSummary(String, String, List, User) Scary(8), Normal confidence（2）Troubling(10):1) High confidence(1): Comparison of String parameter using = or != (1):Bug: Comparison of String parameter using = or != in com.htr.util.StringUtil.checkEmail(String) This code compares a java.lang.String parameter for reference equality using the = or != operators. Requiring callers to pass only String constants or interned strings to a method is unnecessarily fragile, and rarely leads to measurable performance gains. Consider using the equals(Object) method instead.Rank: Troubling (14), confidence: HighPattern: ES_COMPARING_PARAMETER_STRING_WITH_EQ Type: ES, Category: BAD_PRACTICE (Bad practice)a) D:/Issmart/HTExhibition/HTReception-Common/src/com/htr/util/StringUtil.java:102 Comparison of String parameter using = or != in com.htr.util.StringUtil.checkEmail(String) Troubling(14), High confidence2) Normal confidence(9): Possible null pointer dereference in method on exception path(2)Bug: Possible null pointer dereference of expenseOrder in com.hte.action.ExhiFeeSettleDataAction.loadExpenseDetails(Map) on exception pathA reference value which is null on some exception control path is dereferenced here. This may lead to a NullPointerException when the code is executed. Note that because FindBugs currently does not prune infeasible exception paths, this may be a false warning.Also note that FindBugs considers the default case of a switch statement to be an exception path, since the default case is often infeasible.Rank: Troubling (11), confidence: NormalPattern: NP_NULL_ON_SOME_PATH_EXCEPTION Type: NP, Category: CORRECTNESS (Correctness)a) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/action/ExhiFeeSettleDataAction.java:1561 Possible null pointer dereference of expenseOrder in com.hte.action.ExhiFeeSettleDataAction.loadExpenseDetails(Map) on exception path Troubling(11), Normal confidenceb) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/util/HttpUtil.java:193 Possible null pointer dereference of map in com.hte.util.HttpUtil.getCoaApprover(String, String, String) on exception path Troubling(11), Normal confidence Nullcheck of value previously dereferenced(7)Bug: Nullcheck of adjustList at line 248 of value previously dereferenced in com.hte.action.ExhiApplyDataAction.loadDetails(Map)A value is checked here to see whether it is null, but this value cant be null because it was previously dereferenced and if it were null a null pointer exception would have occurred at the earlier dereference. Essentially, this code and the previous dereference disagree as to whether this value is allowed to be null. Either the check is redundant or the previous dereference is erroneous.Rank: Troubling (11), confidence: NormalPattern: RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE Type: RCN, Category: CORRECTNESS (Correctness)a) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/action/ExhiApplyDataAction.java:248 Nullcheck of adjustList at line 248 of value previously dereferenced in com.hte.action.ExhiApplyDataAction.loadDetails(Map) Troubling(11), Normal confidenceb) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/action/ExhiFeeSettleDataAction.java:551 Nullcheck of exhiProviderPayment at line 551 of value previously dereferenced in com.hte.action.ExhiFeeSettleDataAction.editSettleDataInfo(Map) Troubling(11), Normal confidencec) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiProviderPaymentServiceImpl.java:232 Nullcheck of totalMoney at line 244 of value previously dereferenced in com.hte.service.impl.ExhiProviderPaymentServiceImpl.queryPaymentMapByList(List, List, List, List) Troubling(11), Normal confidenced) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiProviderPaymentServiceImpl.java:1068 Nullcheck of staff at line 1068 of value previously dereferenced in com.hte.service.impl.ExhiProviderPaymentServiceImpl.refundMoneyNotice(Long, Long, String, String) Troubling(11), Normal confidencee) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/dao/impl/ExhiExpenseOrderDaoImpl.java:55 Nullcheck of map at line 71 of value previously dereferenced in com.hte.dao.impl.ExhiExpenseOrderDaoImpl.baseExpenseOrderSql(StringBuffer, List, Map) Troubling(11), Normal confidencef) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/dao/impl/ExhiPaymentOrderDaoImpl.java:56 Nullcheck of map at line 68 of value previously dereferenced in com.hte.dao.impl.ExhiPaymentOrderDaoImpl.basePaymentOrderSql(StringBuffer, List, Map) Troubling(11), Normal confidenceg) D:/Issmart/HTExhibition/HTExhibition/src/com/hte/service/impl/ExhiProviderPaymentServiceImpl.java:975 Nullcheck of exhiProvider at line 975 of value previously dereferenced in com.hte.service.impl.ExhiProviderPaymentServiceImpl.consultPrice(Map) Troubling(11), Normal confidence（3）Of Concern(2):1) High confidence(2): Return value of method without side effect is ignored(2)Bug: Return value of com.hte.util.Response.failure(String) ignored, but method has no side effectThis code calls a method and ignores the return value. However our analysis shows that the method (including its implementations in subclasses if any) does not produce any effect other than return value. Thus this call can be removed. We are trying to reduce the false positives as much as possible, but in some cases this warning might