[Fb-contrib-commit] SF.net SVN: fb-contrib: [1006] trunk/fb-contrib
Brought to you by:
dbrosius
Menu
▾
▴
[Fb-contrib-commit] SF.net SVN: fb-contrib: [1006] trunk/fb-contrib
|
From: <dbr...@us...> - 2008-03-16 01:52:55
|
Revision: 1006
http://fb-contrib.svn.sourceforge.net/fb-contrib/?rev=1006&view=rev
Author: dbrosius
Date: 2008-03-15 18:52:58 -0700 (Sat, 15 Mar 2008)
Log Message:
-----------
Initial checkin, WEM detector
Modified Paths:
--------------
trunk/fb-contrib/etc/findbugs.xml
trunk/fb-contrib/etc/messages.xml
Added Paths:
-----------
trunk/fb-contrib/samples/WEM_Sample.java
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/WeakExceptionMessaging.java
Modified: trunk/fb-contrib/etc/findbugs.xml
===================================================================
--- trunk/fb-contrib/etc/findbugs.xml 2008-03-15 06:17:22 UTC (rev 1005)
+++ trunk/fb-contrib/etc/findbugs.xml 2008-03-16 01:52:58 UTC (rev 1006)
@@ -312,6 +312,10 @@
speed="fast"
reports="SCA_SUSPICIOUS_CLONE_ALGORITHM" />
+ <Detector class="com.mebigfatguy.fbcontrib.detect.WeakExceptionMessaging"
+ speed="fast"
+ reports="WEM_WEAK_EXCEPTION_MESSAGING" />
+
<!-- BugPattern -->
<BugPattern abbrev="ISB" type="ISB_INEFFICIENT_STRING_BUFFERING" category="PERFORMANCE" />
@@ -416,4 +420,5 @@
<BugPattern abbrev="JAO" type="JAO_JUNIT_ASSERTION_ODDITIES_INEXACT_DOUBLE" category="STYLE" experimental="true" />
<BugPattern abbrev="JAO" type="JAO_JUNIT_ASSERTION_ODDITIES_BOOLEAN_ASSERT" category="STYLE" experimental="true" />
<BugPattern abbrev="SCA" type="SCA_SUSPICIOUS_CLONE_ALGORITHM" category="CORRECTNESS" experimental="true" />
+ <BugPattern abbrev="WEM" type="WEM_WEAK_EXCEPTION_MESSAGING" category="STYLE" experimental="true" />
</FindbugsPlugin>
\ No newline at end of file
Modified: trunk/fb-contrib/etc/messages.xml
===================================================================
--- trunk/fb-contrib/etc/messages.xml 2008-03-15 06:17:22 UTC (rev 1005)
+++ trunk/fb-contrib/etc/messages.xml 2008-03-16 01:52:58 UTC (rev 1006)
@@ -852,9 +852,22 @@
<![CDATA[
<p>looks for implementations of clone where an assignment is made to a field of the
source object. It is likely that that store should have occurred on the cloned object, as
- the clone operation is almost always considered read only.</p>]]>
+ the clone operation is almost always considered read only.</p>
+ <p>It is a fast detector</p>
+ ]]>
</Details>
</Detector>
+
+ <Detector class="com.mebigfatguy.fbcontrib.detect.WeakExceptionMessaging">
+ <Details>
+ <![CDATA[
+ <p>looks for exceptions that are thrown with static strings as messages. Using static strings
+ doesn't differentiate one use of this method versus another, and so it may be difficult
+ to determine how this exception occurred without showing context.<p>
+ <p>It is a fast detector</p>
+ ]]>
+ </Details>
+ </Detector>
<!-- BugPattern -->
@@ -2206,6 +2219,19 @@
</Details>
</BugPattern>
+ <BugPattern type="WEM_WEAK_EXCEPTION_MESSAGING">
+ <ShortDescription>method throws exception with static message string</ShortDescription>
+ <LongDescription>method {1} throws exception with static message string</LongDescription>
+ <Details>
+ <![CDATA[
+ <p>This method creates and throws an exception using a static string as the exceptions message.
+ Without any specific context of this particular exception invocation, such as the value of parameters,
+ key member variables, or local variables, it may be difficult to infer how this exception occurred. Consider
+ adding context to the exception message.</p>
+ ]]>
+ </Details>
+ </BugPattern>
+
<!-- BugCode -->
<BugCode abbrev="ISB">Inefficient String Buffering</BugCode>
@@ -2278,4 +2304,5 @@
<BugCode abbrev="CFS">Confusing Function Semantics</BugCode>
<BugCode abbrev="JAO">JUnit Assertion Oddities</BugCode>
<BugCode abbrev="SCA">Suspicious Clone Algorithm</BugCode>
+ <BugCode abbrev="WEM">Weak Exception Messaging</BugCode>
</MessageCollection>
\ No newline at end of file
Added: trunk/fb-contrib/samples/WEM_Sample.java
===================================================================
--- trunk/fb-contrib/samples/WEM_Sample.java (rev 0)
+++ trunk/fb-contrib/samples/WEM_Sample.java 2008-03-16 01:52:58 UTC (rev 1006)
@@ -0,0 +1,16 @@
+
+public class WEM_Sample
+{
+ public void badException (String s)
+ {
+ if (s.length() == 1)
+ throw new IllegalArgumentException("You stink");
+ }
+
+ public void goodException (String s)
+ {
+ if (s.length() == 1)
+ throw new IllegalArgumentException("You stink -->" + s);
+ }
+
+}
Property changes on: trunk/fb-contrib/samples/WEM_Sample.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Name: svn:eol-style
+ native
Added: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/WeakExceptionMessaging.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/WeakExceptionMessaging.java (rev 0)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/WeakExceptionMessaging.java 2008-03-16 01:52:58 UTC (rev 1006)
@@ -0,0 +1,158 @@
+/*
+ * fb-contrib - Auxiliary detectors for Java programs
+ * Copyright (C) 2005-2008 Dave Brosius
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+package com.mebigfatguy.fbcontrib.detect;
+
+import java.util.BitSet;
+
+import org.apache.bcel.Constants;
+import org.apache.bcel.Repository;
+import org.apache.bcel.classfile.Code;
+import org.apache.bcel.classfile.ConstantString;
+import org.apache.bcel.classfile.JavaClass;
+import org.apache.bcel.classfile.Method;
+import org.apache.bcel.generic.Type;
+
+import edu.umd.cs.findbugs.BugInstance;
+import edu.umd.cs.findbugs.BugReporter;
+import edu.umd.cs.findbugs.BytecodeScanningDetector;
+import edu.umd.cs.findbugs.OpcodeStack;
+import edu.umd.cs.findbugs.ba.ClassContext;
+
+public class WeakExceptionMessaging extends BytecodeScanningDetector {
+
+ private static JavaClass exceptionClass;
+ static {
+ try {
+ exceptionClass = Repository.lookupClass("java/lang/Exception");
+ } catch (ClassNotFoundException cnfe) {
+ exceptionClass = null;
+ }
+ }
+
+ private BugReporter bugReporter;
+ private OpcodeStack stack;
+
+ /**
+ * constructs a WEM detector given the reporter to report bugs on
+ * @param bugReporter the sync of bug reports
+ */
+ public WeakExceptionMessaging(BugReporter bugReporter) {
+ this.bugReporter = bugReporter;
+ }
+
+ /**
+ * overrides the visitor to initialize and tear down the opcode stack
+ *
+ * @Param classContext the context object of the currently parsed class
+ */
+ @Override
+ public void visitClassContext(ClassContext classContext) {
+ try {
+ if (exceptionClass != null) {
+ stack = new OpcodeStack();
+ super.visitClassContext(classContext);
+ }
+ } finally {
+ stack = null;
+ }
+ }
+
+ /**
+ * looks for methods that contain a ATHROW opcodes
+ *
+ * @param method the context object of the current method
+ * @return if the class uses throws
+ */
+ public boolean prescreen(Method method) {
+ BitSet bytecodeSet = getClassContext().getBytecodeSet(method);
+ return (bytecodeSet != null) && (bytecodeSet.get(Constants.ATHROW));
+ }
+
+ /**
+ * overrides the visitor to prescreen the method to look for throws calls
+ * and only forward onto bytecode scanning if there
+ *
+ * @param obj the context object of the currently parsed code block
+ */
+ @Override
+ public void visitCode(Code obj) {
+ if (prescreen(getMethod())) {
+ stack.resetForMethodEntry(this);
+ super.visitCode(obj);
+ }
+ }
+
+ /**
+ * overrides the visitor to look for throws instructions using exceptions with
+ * static messages
+ *
+ * @param seen the opcode of the currently visited instruction
+ */
+ @Override
+ public void sawOpcode(int seen) {
+ boolean allConstantStrings = false;
+ boolean sawConstant = false;
+ try {
+ if (seen == ATHROW) {
+ if (stack.getStackDepth() > 0) {
+ OpcodeStack.Item item = stack.getStackItem(0);
+ if (item.getUserValue() != null) {
+ bugReporter.reportBug(new BugInstance(this, "WEM_WEAK_EXCEPTION_MESSAGING", LOW_PRIORITY)
+ .addClass(this)
+ .addMethod(this)
+ .addSourceLine(this));
+ }
+ }
+ } else if (seen == LDC) {
+ if (getConstantRefOperand() instanceof ConstantString)
+ sawConstant = true;
+ } else if (seen == INVOKESPECIAL) {
+ if ("<init>".equals(getNameConstantOperand())) {
+ String clsName = getClassConstantOperand();
+ if (clsName.indexOf("Exception") >= 0) {
+ JavaClass exCls = Repository.lookupClass(clsName);
+ if (exCls.instanceOf(exceptionClass)) {
+ String sig = getSigConstantOperand();
+ Type[] argTypes = Type.getArgumentTypes(sig);
+ for (int t = 0; t < argTypes.length; t++) {
+ if ("Ljava/lang/String;".equals(argTypes[t].getSignature())) {
+ int stackOffset = argTypes.length - t - 1;
+ if (stack.getStackDepth() > stackOffset) {
+ OpcodeStack.Item item = stack.getStackItem(stackOffset);
+ if (item.getUserValue() == null)
+ return;
+ }
+ }
+ }
+ allConstantStrings = true;
+ }
+ }
+ }
+ }
+ } catch (ClassNotFoundException cnfe) {
+ bugReporter.reportMissingClass(cnfe);
+ } finally {
+ stack.sawOpcode(this, seen);
+ if ((sawConstant || allConstantStrings) && (stack.getStackDepth() > 0)) {
+ OpcodeStack.Item item = stack.getStackItem(0);
+ item.setUserValue(Boolean.TRUE);
+ }
+ }
+ }
+}
Property changes on: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/WeakExceptionMessaging.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Name: svn:eol-style
+ native
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
