SONARJAVA-4699 FP on S3516 when calling a method using objects from "…

…unknown" packages (#4761)
SonarSource · Apr 10, 2024 · 896bda7 · 896bda7
1 parent 0f9d866
commit 896bda7
Show file tree

Hide file tree

Showing 5 changed files with 112 additions and 6 deletions.
diff --git a/...ult/src/main/files/non-compiling/symbolicexecution/checks/InvariantReturnCheckSample.java b/...ult/src/main/files/non-compiling/symbolicexecution/checks/InvariantReturnCheckSample.java
@@ -0,0 +1,92 @@
+package symbolicexecution.checks;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.nio.channels.SelectableChannel;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.SocketChannel;
+import java.util.Optional;
+import java.util.concurrent.ThreadLocalRandom;
+
+
+public class InvariantReturnCheckSample {
+
+  class CompliantExample1 {
+
+    private static void confuse() {
+      methodThatDoesNotExist();   // unresolved symbol
+    }
+
+    String foo() {
+      if (ThreadLocalRandom.current().nextInt() > 1) {
+        return null;
+      }
+      confuse();  // Compliant
+      return "something";
+    }
+  }
+
+  class CompliantExample2 {
+
+    boolean filter(SelectableChannel channel) {
+      if (channel == null){
+        return false;
+      }
+      return channel == null ? false :
+        getSth(channel) // Compliant
+        .isPresent();
+    }
+
+    private Optional<InetSocketAddress> getSth(SelectableChannel channel) {
+      if (channel instanceof SocketChannel socketChannel) {
+        try {
+          return Optional.of(((InetSocketAddress) socketChannel.getRemoteAddress()));
+        } catch (IOException e) {
+          log.error("", e);   // unresolved symbol
+        }
+      }
+      return Optional.empty();
+    }
+
+  }
+
+  class CompliantExample3 {
+
+    boolean filter(SelectableChannel channel) {
+      if (channel == null){
+        return false;
+      }
+      return getSth(channel) // Compliant
+        .isPresent();
+    }
+
+    private Optional<String> getSth(SelectableChannel channel) {
+      if (channel instanceof SocketChannel) {
+        log.info("Test");   // unresolved symbol
+        return Optional.of("test");
+      }
+      return Optional.empty();
+    }
+
+  }
+
+  class NoncompliantExample {
+
+    boolean filter(SelectableChannel channel) { // Noncompliant [[sc=13;ec=19]] {{Refactor this method to not always return the same value.}}
+      if (channel == null){
+        return false;
+      }
+      return true ? false : getSth(null);
+    }
+
+    private Optional<String> getSth(SelectableChannel channel) {
+      if (channel instanceof SocketChannel) {
+        log.info("Test");   // unresolved symbol
+        return Optional.of("test");
+      }
+      return Optional.empty();
+    }
+
+  }
+
+}
diff --git a/...xecution/checks/InvariantReturnCheck.java → ...on/checks/InvariantReturnCheckSample.java b/...xecution/checks/InvariantReturnCheck.java → ...on/checks/InvariantReturnCheckSample.java
@@ -4,7 +4,7 @@
 import java.util.List;
 import java.util.stream.Collectors;
 
-abstract class InvariantReturnCheck {
+abstract class InvariantReturnCheckSample {
   private boolean bool;
 
   private int foo(boolean a) { // Noncompliant [[flows=issue1]] {{Refactor this method to not always return the same value.}}
@@ -63,7 +63,7 @@ private int getConstant3(List<String> myList) {
     return 0;
   }
 
-  private InvariantReturnCheck() {
+  private InvariantReturnCheckSample() {
   }
 
   String constructComponentName() {

diff --git a/java-symbolic-execution/src/main/java/org/sonar/java/se/ExplodedGraphWalker.java b/java-symbolic-execution/src/main/java/org/sonar/java/se/ExplodedGraphWalker.java
@@ -293,6 +293,10 @@ private void execute(MethodTree tree) {
     node = null;
     programState = null;
     constraintManager = null;
+
+    if (methodBehavior != null){
+      methodBehavior.completed();
+    }
   }
 
   private void enqueueStartingStates(MethodTree tree, CFG cfg) {

diff --git a/java-symbolic-execution/src/main/java/org/sonar/java/se/SymbolicExecutionVisitor.java b/java-symbolic-execution/src/main/java/org/sonar/java/se/SymbolicExecutionVisitor.java
@@ -72,8 +72,7 @@ public void execute(MethodTree methodTree) {
       if (methodCanNotBeOverriden(methodSymbol)) {
         MethodBehavior methodBehavior = behaviorCache.methodBehaviorForSymbol(methodSymbol);
         if (!methodBehavior.isVisited()) {
-          methodBehavior = walker.visitMethod(methodTree, methodBehavior);
-          methodBehavior.completed();
+          walker.visitMethod(methodTree, methodBehavior);
         }
       } else {
         walker.visitMethod(methodTree);

diff --git a/java-symbolic-execution/src/test/java/org/sonar/java/se/checks/InvariantReturnCheckTest.java b/java-symbolic-execution/src/test/java/org/sonar/java/se/checks/InvariantReturnCheckTest.java
@@ -24,15 +24,26 @@
 import org.sonar.java.se.utils.SETestUtils;
 
 import static org.sonar.java.checks.verifier.TestUtils.mainCodeSourcesPath;
+import static org.sonar.java.checks.verifier.TestUtils.nonCompilingTestSourcesPath;
 
 class InvariantReturnCheckTest {
 
   @Test
-  void test() {
+  void testOnCompilingProgram() {
     SECheckVerifier.newVerifier()
-      .onFile(mainCodeSourcesPath("symbolicexecution/checks/InvariantReturnCheck.java"))
+      .onFile(mainCodeSourcesPath("symbolicexecution/checks/InvariantReturnCheckSample.java"))
       .withCheck(new InvariantReturnCheck())
       .withClassPath(SETestUtils.CLASS_PATH)
       .verifyIssues();
   }
+
+  @Test
+  void testWithUnresolvedSymbols() {
+    SECheckVerifier.newVerifier()
+      .onFile(nonCompilingTestSourcesPath("symbolicexecution/checks/InvariantReturnCheckSample.java"))
+      .withCheck(new InvariantReturnCheck())
+      .withClassPath(SETestUtils.CLASS_PATH)
+      .verifyIssues();
+  }
+
 }