Uploaded image for project: 'SonarJava'
  1. SonarJava
  2. SONARJAVA-3096

S2068, S2092, S2115 and S3330 are not able to resolve variable latest assigned values anymore

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.9
    • Fix Version/s: 5.13
    • Component/s: CFG, Rules
    • Labels:
      None

      Description

      When fixing SONARJAVA-2945 (SonarJava 5.9), we introduced multiple cases of FN for multiple rules, and thus a significant regression for rules targeting the security domain.

      The algorithm which was dropped was never properly working, as implemented in a way too naive way (not taking into account the possible flow), and should probably have properly been written based on a CFG. Consequently, just reverting the change should not be considered.

      We should restore some of the cases which have been dropped, as the 4 impacted rules are targeting security domain.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              andrea.guarino Andrea Guarino
              Reporter:
              michael.gumowski Michael Gumowski
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: