Rules
Risk Assessment Summary
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| NUM00-J | Medium | Unlikely | Medium | P4 | L3 |
| NUM01-J | Medium | Unlikely | Medium | P4 | L3 |
| NUM02-J | Low | Likely | Medium | P6 | L2 |
| NUM03-J | Low | Unlikely | Medium | P2 | L3 |
| NUM04-J | Low | Probable | High | P2 | L3 |
| NUM07-J | Low | Probable | Medium | P4 | L3 |
| NUM08-J | Low | Probable | Medium | P4 | L3 |
| NUM09-J | Low | Probable | Low | P6 | L2 |
| NUM10-J | Low | Probable | Low | P6 | L2 |
| NUM11-J | Low | Likely | Medium | P6 | L2 |
| NUM12-J | Low | Unlikely | Medium | P2 | L3 |
| NUM13-J | Low | Unlikely | Medium | P2 | L3 |
| NUM14-J | Low | Probable | Medium | P4 | L3 |
3 Comments
Dhruv Mohindra
Here's a snippet I just ran into:
So what is value? Unfortunately it is not 2 but 1.
The division is cast to int and Math.ceil returns the same value if its input arg is an int. Generally, any division's result does not produce a double if the operands are integers.
A simple fix is to cast the divisor to double/float -
Can someone add an example and delete this comment?
Dhruv Mohindra
Fell into this trap wherein auto-boxing does not promote the int to Long but to Integer instead and the if condition is never true:
BAD CODE
Set<Long> groupList = new HashSet<Long>(); if (groupList.contains(-1)) { // ... }GOOD CODE with '1L'
Set<Long> groupList = new HashSet<Long>(); if (groupList.contains(-1L)) { // ... }Do we have a rule for this?
Related: http://stackoverflow.com/questions/12588039/list-of-longs-how-do-you-check-if-it-contains-a-value
Robert Seacord
Yup! EXP04-J. Do not pass arguments to certain Java Collections Framework methods that are a different type than the collection parameter type