#1233 urf_unread_public_or_protected_field false positive when using reflection

3.x
open
9
2014-08-13
2013-12-11
No

When using container class with public fields and serializing this class false positive (urf_unread_public_or_protected_field) is reported. I.E:

class Container {
    public String containdField;
}

class WebRsource {

private static Gson gson = new GsonBuilder().registerTypeAdapter(JsonContent.class, new JsonContentAdapter()).create();

@GET
public String getJSON() {
    Container container = new Container();
    container.containdField = "Some String";  //<--here you get false positive
    return gson.toJson(container);

}

Discussion

  • William Pugh

    William Pugh - 2013-12-17
    • assigned_to: William Pugh
     
  • William Pugh

    William Pugh - 2013-12-17

    Do you have any recommendations for reducing false positives, other than just disabling the detector? Trying to figure out what might be accessed via Gson seems very difficult.

     
  • William Pugh

    William Pugh - 2013-12-17
    • Group: 2.0.3 --> 3.0.0
     
  • William Pugh

    William Pugh - 2014-01-09
    • labels: --> false positive
     
  • Andrey Loskutov

    Andrey Loskutov - 2014-06-19
    • Group: 3.0.0 --> 3.0.1
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks