SONARJAVA-5102 Update SE rules metadata (#4853)
johann-beleites-sonarsource authored Aug 30, 2024
1 parent f4903c1 commit 88cb1df
Showing 8 changed files with 19 additions and 8 deletions.
@@ -1,4 +1,6 @@
<p>This rule is deprecated; use {rule:java:S6555} instead.</p>
<p>This rule is deprecated, and will eventually be removed.</p>
<p><em>We are deprecating our legacy symbolic execution engine in favor of our more advanced commercial engine. The legacy engine will remain Open
Source for the community as a separate plugin and will receive no further updates by SonarSource.</em></p>
<h2>Why is this an issue?</h2>
<p>A reference to <code>null</code> should never be dereferenced/accessed. Doing so will cause a <code>NullPointerException</code> to be thrown. At
best, such an exception will cause abrupt program termination. At worst, it could expose debugging information that would be useful to an attacker, or
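Review bot: The pointer to the successor rule appears to be lost at the top of this hunk. The header `@@ -1,4 +1,6 @@` with seven visible lines means exactly one line is removed, and the only candidate ahead of the new text is `<p>This rule is deprecated; use {rule:java:S6555} instead.</p>`, so the description would say the rule will be removed without naming what replaces it. Suggest keeping the reference in the new wording (for example "This rule is deprecated, and will eventually be removed; use {rule:java:S6555} instead."), or stating in the commit message that dropping it is intentional. The same pattern repeats in the files that follow.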
@@ -1,4 +1,6 @@
<p>This rule is deprecated; use {rule:java:S6651} instead.</p>
<p>This rule is deprecated, and will eventually be removed.</p>
<p><em>We are deprecating our legacy symbolic execution engine in favor of our more advanced commercial engine. The legacy engine will remain Open
Source for the community as a separate plugin and will receive no further updates by SonarSource.</em></p>
<h2>Why is this an issue?</h2>
<p>Conditional expressions which are always <code>true</code> or <code>false</code> can lead to <a
href="https://en.wikipedia.org/wiki/Unreachable_code">unreachable code</a>.</p>
@@ -1,4 +1,6 @@
<p>This rule is deprecated; use {rule:java:S6646} instead.</p>
<p>This rule is deprecated, and will eventually be removed.</p>
<p><em>We are deprecating our legacy symbolic execution engine in favor of our more advanced commercial engine. The legacy engine will remain Open
Source for the community as a separate plugin and will receive no further updates by SonarSource.</em></p>
<p>Gratuitous boolean expressions are conditions that do not change the evaluation of a program. This issue can indicate logical errors and affect the
correctness of an application, as well as its maintainability.</p>
<h2>Why is this an issue?</h2>
@@ -1,4 +1,6 @@
<p>This rule is deprecated; use {rule:java:S6649} instead.</p>
<p>This rule is deprecated, and will eventually be removed.</p>
<p><em>We are deprecating our legacy symbolic execution engine in favor of our more advanced commercial engine. The legacy engine will remain Open
Source for the community as a separate plugin and will receive no further updates by SonarSource.</em></p>
<p>If the denominator to an integer division or remainder operation is zero, a <code>ArithmeticException</code> is thrown.</p>
<p>This error will crash your program in most cases. To fix it, you need to ensure that the denominator value in all division operations is always
non-zero, or check the value against zero before performing the division.</p>
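Review bot: Style point on the first unchanged line below the new paragraphs: `a <code>ArithmeticException</code>` should read `an <code>ArithmeticException</code>`. Since the file is being touched for the deprecation notice anyway, fix the article here, or in the rule metadata source if this HTML is generated from it.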
@@ -1,4 +1,6 @@
<p>This rule is deprecated; use {rule:java:S6707} instead.</p>
<p>This rule is deprecated, and will eventually be removed.</p>
<p><em>We are deprecating our legacy symbolic execution engine in favor of our more advanced commercial engine. The legacy engine will remain Open
Source for the community as a separate plugin and will receive no further updates by SonarSource.</em></p>
<h2>Why is this an issue?</h2>
<p><code>Optional</code> value can hold either a value or not. The value held in the <code>Optional</code> can be accessed using the
<code>get()</code> method, but it will throw a</p>
@@ -1,4 +1,5 @@
<p>This rule is deprecated; use {rule:java:S6976} instead.</p>
<p><em>We are deprecating our legacy symbolic execution engine in favor of our more advanced commercial engine. The legacy engine will remain Open
Source for the community as a separate plugin and will receive no further updates by SonarSource.</em></p>
<h2>Why is this an issue?</h2>
<p>Stream operations are divided into intermediate and terminal operations, and are combined to form stream pipelines. After the terminal operation is
performed, the stream pipeline is considered consumed, and cannot be used again. Such a reuse will yield unexpected results.</p>
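Review bot: This file is handled differently from the five before it. The header is `@@ -1,4 +1,5 @@` rather than `+1,6`, and `<p>This rule is deprecated, and will eventually be removed.</p>` is not added here. With the `{rule:java:S6976}` line being the one removed, the description is left with only the engine notice and no explicit statement that the rule itself is deprecated. Add the deprecation sentence for consistency with the other files, or confirm that this rule is meant to be treated differently.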
Expand Up @@ -75,7 +75,7 @@ <h3>Documentation</h3>
<li> Java Documentation - <a href="https://docs.oracle.com/en/java/javase/21/security/java-api-xml-processing-jaxp-security-guide.html">Java API for
XML Processing (JAXP) Security Guide</a> </li>
<li> Dom4j Documentation - <a href="https://dom4j.github.io/javadoc/2.1.4/org/dom4j/io/SAXReader.html">SAXReader Class</a> </li>
<li> Jdom2 Documentation - <a href="http://www.jdom.org/docs/apidocs/org/jdom2/input/SAXBuilder.html">SAXBuilder class</a> </li>
<li> Jdom2 Documentation - <a href="https://javadoc.io/static/org.jdom/jdom2/2.0.6.1/org/jdom2/input/SAXBuilder.html">SAXBuilder class</a> </li>
<li> OWASP - <a href="https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#java">XXE Prevention Cheat
Sheet</a> </li>
</ul>
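Review bot: The new SAXBuilder link pins the Jdom2 release (`2.0.6.1`) in the URL, so it will keep pointing at that version's javadoc after newer releases ship. Moving off the plain `http://www.jdom.org` link is a good change; consider a non-versioned javadoc URL if one is available, or note that the pin is deliberate, as with the Dom4j `2.1.4` link two lines above.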
2 changes: 1 addition & 1 deletion java-symbolic-execution/sonarpedia.json
Expand Up @@ -3,7 +3,7 @@
"languages": [
"JAVA"
],
"latest-update": "2024-08-29T10:04:42.887568058Z",
"latest-update": "2024-08-30T06:58:12.220861855Z",
"options": {
"no-language-in-filenames": true,
"preserve-filenames": false