weixin_34315485
weixin_34315485

2.findbugs总结

 

一 Bad practice(坏实现)

  1.Confusing method name

    a.Class names shouldn't shadow simple name of implemented interface

This class/interface has a simple name that is identical to that of an implemented/extended interface, except that the interface is in a different package (e.g., alpha.Foo extends beta.Foo). This can be exceptionally confusing, create lots of situations in which you have to look at import statements to resolve references and creates many opportunities to accidentally define methods that do not override methods in their superclasses.

不要定义与实现接口名一样的类/接口名

 1 public interface BaseMapper extends com.baomidou.mybatisplus.mapper.BaseMapper {
 2     public interface BaseMappers extends com.baomidou.mybatisplus.mapper.BaseMapper {
 3     //特别注意,由于继承了通用BaseMapper,该接口不能被扫描到,否则会出错,MapperScan(value="com.letsun.**.mapper*",markerInterface=CommonMapper.class)
 4     
 5     /**
 6      * 自定义多表复杂查询  
 7      * @param map
 8      * @param page
 9      * @return List
10      * @author xx<2018年4月12日>
11      */
12     List  selectComplex(Map map,Pagination page);
13 }

 

     b.Method names should start with a lower case letter()

Methods should be verbs, in mixed case with the first letter lowercase, with the first letter of each internal word capitalized.

方法应该是动词,并且首字母小写其他内部单词大写

 1 //获取下一个位置,并移动起始位置
 2     public final boolean GetNextgetNext(Out strMsg) {
 3         strMsg.setData("");
 4 
 5         //
 6         if (m_end == m_start) {
 7             return false;
 8         }
 9 
10         strMsg.setData(m_ringList[m_start]);
11         m_start = (m_start + 1) % m_capacity;
12 
13         return true;
14     }

 

     c.Class names should start with an upper case letter

Class names should be nouns, in mixed case with the first letter of each internal word capitalized. Try to keep your class names simple and descriptive. Use whole words-avoid acronyms and abbreviations (unless the abbreviation is much more widely used than the long form, such as URL or HTML).

类名首字母应该大写

1 public class testTest {}

 

     d.Field names should start with a lower case letter

Names of fields that are not final should be in mixed case with a lowercase first letter and the first letters of subsequent words capitalized.

不是final的类属性首字母应小写

1 public class OrderApiConfig {
2     
3     public static String Base base = "tms.";
4 }

 

     e.Class is not derived from an Exception,even though it is named as such

This class is not derived from another exception, but ends with 'Exception'. This will be confusing to users of this class.

Class没有继承Exception,虽然名字像一个异常,不能这样命名,会产生误解

1 public class GpsException extends AbsIniFilter
2 {
3     @Override
4     public void Excute()
5     {
6         this.getenumActionCategory(), this.getenumActionType(), TaAutoScheduleLog.EnumContentType.GpsException, TaAutoScheduleLog.EnumTppe.GpsException, "", "", OperUser);
7     }
8 }

 

  2.Mutable enum field

    a.Enum field is public and mutable

A mutable public field is defined inside a public enum, thus can be changed by malicious code or by accident from another package. Though mutable enum fields may be used for lazy initialization, it's a bad practice to expose them to the outer world. Consider declaring this field final and/or package-private.

枚举对象的某个属性不应该是public,尽管可变枚举属性会执行懒加载。应考虑用final及/或private修饰属性。

 1 public enum EnumInvalid {
 2     No(20),Yes(10);
 3     
 4     public final int code;
 5     
 6     EnumInvalid(int code) {
 7         this.code = code;
 8     }
 9     public static EnumInvalid getByCode(int code) {
10         EnumInvalid[] enums = EnumInvalid.values();
11         for (EnumInvalid dd_TypeEnum : enums) {
12             if (dd_TypeEnum.code == code) {
13                 return dd_TypeEnum;
14             }
15         }
16         return null;
17     }
18 }

 

     b.Public enum method unconditionally sets its field

This public method declared in public enum unconditionally sets enum field, thus this field can be changed by malicious code or by accident from another package. Though mutable enum fields may be used for lazy initialization, it's a bad practice to expose them to the outer world. Consider removing this method or declaring it package-private.

私有方法应该使用private

 1 public enum EnumCode {
 2         /**
 3          * 订单异常
 4          * 
 5          */
 6         // [Description("订单异常")]
 7         order_exception(-3,"订单异常");
 8 
 9         private int intValue;
10         
11         private String name;
12         private static java.util.HashMap mappings;
13 
14         private synchronized static java.util.HashMap getMappings() {
15             if (mappings == null) {
16                 mappings = new java.util.HashMap();
17             }
18             return mappings;
19         }
20 
21         private EnumCode(int value,String name) {
22             intValue = value;
23             this.name = name;
24             EnumCode.getMappings().put(value, this);
25         }
26 
27         public int getValue() {
28             return intValue;
29         }
30 
31         public static EnumCode forValue(int value) {
32             return getMappings().get(value);
33         }
34         
35         
36         public static String getValueByCode(Integer code) {
37             for (EnumCode platformFree : EnumCode.values()) {
38                 if (code.equals(platformFree.intValue)) {
39                     return platformFree.getName();
40                 }
41             }
42             return null;
43         }
44  
45         public String getName() {
46             return name;
47         }
48 
49         public int getIntValue() {
50             return intValue;
51         }
52 
53         public void setIntValue(int intValue) {
54             this.intValue = intValue;
55         }
56                 private void setIntValue(int intValue) {
57             this.intValue = intValue;
58         }
59 
60         public void setName(String name) {
61             this.name = name;
62         }
63         private void setName(String name) {
64             this.name = name;
65         }
66     }

 

  3.Bad use of return value from method

    a.Method ignores exceptional return value

This method returns a value that is not checked. The return value should be checked since it can indicate an unusual or unexpected function execution. For example, the File.delete() method returns false if the file could not be successfully deleted (rather than throwing an Exception). If you don't check the result, you won't notice if the method invocation signals unexpected behavior by returning an atypical return value.

方法忽略了异常返回值,需捕获

 

 1 private static void CreateDirectory(String directory) {
 2         File file = new File(directory);
 3         if (!file.exists() || !file.isDirectory()) {
 4             try {
 5                 file.mkdirs();
 6             }
 7             catch (Exception ex)
 8             {
 9                 throw ex;
10             }
11         }
12     }

 

 

 

  4.Stream not colsed on all paths

    a.Mathod may fail to close stream

The method creates an IO stream object, does not assign it to any fields, pass it to other methods that might close it, or return it, and does not appear to close the stream on all paths out of the method.  This may result in a file descriptor leak.  It is generally a good idea to use a finally block to ensure that streams are closed.

需确保数据流关闭

 1 public static String doPost(final Map strParams, final Map fileParams) {
 2         HttpURLConnection conn = null;
 3         try {
 4             URL url = new URL(Const.ErpfileUrl);
 5             conn = (HttpURLConnection) url.openConnection();
 6             conn.setRequestMethod("POST");
 7             conn.setReadTimeout(TIME_OUT);
 8             conn.setConnectTimeout(TIME_OUT);
 9             conn.setDoOutput(true);
10             conn.setDoInput(true);
11             conn.setUseCaches(false);// Post 请求不能使用缓存
12             // 设置请求头参数
13             conn.setRequestProperty("Connection", "Keep-Alive");
14             conn.setRequestProperty("Charset", "UTF-8");
15             conn.setRequestProperty("Content-Type", CONTENT_TYPE + "; boundary=" + BOUNDARY);
16             /**
17              * 请求体
18              */
19             // 上传参数
20             DataOutputStream dos = new DataOutputStream(conn.getOutputStream());
21             // getStrParams()为一个
22             dos.writeBytes(getStrParams(strParams).toString());
23             dos.flush();
24 
25             // 文件上传
26             StringBuilder fileSb = new StringBuilder();
27             for (Map.Entry fileEntry : fileParams.entrySet()) {
28                 fileSb.append(PREFIX).append(BOUNDARY).append(LINE_END)
29                         /**
30                          * 这里重点注意: name里面的值为服务端需要的key 只有这个key 才可以得到对应的文件 filename是文件的名字,包含后缀名的
31                          * 比如:abc.png
32                          */
33                         .append("Content-Disposition: form-data; name=\"file\"; filename=\"" + fileEntry.getKey() + "\"" + LINE_END)
34                         .append("Content-Type: */*" + LINE_END) // 此处的ContentType不同于 请求头 中Content-Type
35                         .append(LINE_END);// 参数头设置完以后需要两个换行,然后才是参数内容
36                 dos.writeBytes(fileSb.toString());
37                 dos.flush();
38                 InputStream is = new FileInputStream(fileEntry.getValue());
39                 byte[] buffer = new byte[1024];
40                 int len = 0;
41                 while ((len = is.read(buffer)) != -1) {
42                     dos.write(buffer, 0, len);
43                 }
44                 is.close();
45                 dos.writeBytes(LINE_END);
46             }
47             // 请求结束标志
48             dos.writeBytes(PREFIX + BOUNDARY + PREFIX + LINE_END);
49             dos.flush();
50             dos.close();
51 
52             BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream(),"UTF-8"));
53             StringBuilder response = new StringBuilder();
54             String line = null;
55             while ((line = reader.readLine()) != null) {
56                 response.append(line);
57             }
58             reader.close();
59             return response.toString();
60         } catch (Exception e) {
61             e.printStackTrace();
62         } finally {
63             if (conn != null) {
64                 conn.disconnect();
65             }
66         }
67 
68         return "";
69     }

 

  5.Dubious method invocation

    a.Adding elements of an entry set may fail due to reuse of Entry objects

The entrySet() method is allowed to return a view of the underlying Map in which a single Entry object is reused and returned during the iteration. As of Java 1.6, both IdentityHashMap and EnumMap did so. When iterating through such a Map, the Entry value is only valid until you advance to the next iteration. If, for example, you try to pass such an entrySet to an addAll method, things will go badly wrong.

一个入口的添加可能因为重用Entry对象导致失败,entrySet()方法允许重复使用导致数据异常。

 1 public static String sortMapForSign(Map paramMap, String accessKey) {
 2         TreeMap treeMap=new TreeMap<>();
 3         treeMap.putAll(paramMap);
 4         // 参数排序
 5         List> entryList = new ArrayList<>();
 6         entryList.addAll(paramMap.entrySet());
 7         Collections.sort(entryList, (o1, o2) -> o1.getKey().compareTo(o2.getKey()));
 8         // 拼接成待签名串
 9         StringBuffer sb = new StringBuffer(accessKey);
10         for (Map.Entry entry : entryList) {
11         for (Map.Entry entry : treeMap.entrySet()) {
12             String paramKey = entry.getKey();
13             sb.append(paramKey + entry.getValue());
14         }
15         String nativSign = Md5Utils.md5Encode(sb.toString()).toUpperCase();
16         return nativSign;
17     }

 

  6.Bad implementation of Serializable class

    a.Class defines clone() but doesn't implement Cloneable

This class defines a clone() method but the class doesn't implement Cloneable. There are some situations in which this is OK (e.g., you want to control how subclasses can clone themselves), but just make sure that this is what you intended.

类定义了clone()但没有实现Cloneable

 1 private static class Distance {
 2 private static class Distance implements Cloneable {
 3         /**
 4          * 
 5          * 
 6          */
 7         public BigDecimal QH_distance = new BigDecimal(0);
 8         /**
 9          * 
10          * 
11          */
12         public BigDecimal PH_distance = new BigDecimal(0);
13 
14         public Distance clone() {
15             Distance varCopy = new Distance();
16 
17             varCopy.QH_distance = this.QH_distance;
18             varCopy.PH_distance = this.PH_distance;
19 
20             return varCopy;
21         }
22 
23         public void setQH_distance(BigDecimal qh_distance2) {
24             // TODO Auto-generated method stub
25 
26         }
27 
28         public void setPH_distance(BigDecimal ph_distance2) {
29             // TODO Auto-generated method stub
30 
31         }
32     }

 

  7.Incorrect definition of Serializable class

    a.serialVersionUID isn't final

This class defines a serialVersionUID field that is not final.  The field should be made final if it is intended to specify the version UID for purposes of serialization.

serialVersionUID不是final的

1 public class GetTaskStatusByCarModel implements Serializable {
2     /**
3      * @Fields serialVersionUID : TODO
4      */
5     private static  long serialVersionUID = 1L;
6     private static final long serialVersionUID = 1L;
7 }

 

    b.Comparator doesn't implement Serializable

This class implements the Comparator interface. You should consider whether or not it should also implement the Serializable interface. If a comparator is used to construct an ordered collection such as a TreeMap, then the TreeMap will be serializable only if the comparator is also serializable. As most comparators have little or no state, making them serializable is generally easy and good defensive programming.

Comparator没有实现Serializable

1 class MyComparator implements Comparator { 
2     class MyComparator implements Comparator, Serializable {
3     @Override
4     public int compare(GetHistoryConsumedTimeModel s1, GetHistoryConsumedTimeModel s2) {
5         int num = s1.getval().intValue() - s2.getval().intValue();
6         int num1 = (num == 0 ? s1.getID().compareTo(s2.getID()) : num);
7         return num1;
8     }
9 }

 

  8.Format string problem

    a.Format string should use %n rather than \n

This format string include a newline character (\n). In format strings, it is generally preferable better to use %n, which will produce the platform-specific line separator.

格式化代码应该使用%n代替\n

1             sbLog.append(String.format("请求路径: %s%n", request.getRequestURL().toString()));
2             sbLog.append(String.format("请求方式: %s\r\n", request.getMethod()));
3             sbLog.append(String.format("请求类名: %s\r\n", joinPoint.getSignature().getDeclaringTypeName()));
4

 

  9.Dropped or ignored exception

    a.Method might ignore exception

This method might ignore an exception.  In general, exceptions should be handled or reported in some way, or they should be thrown out of the method.

异常需捕获或者手动处理。

 1 if (StringUtils.isNotBlank(bagReq.getNeedToDate())) {
 2             try {
 3                 
 4                 SimpleDateFormat sdf = new SimpleDateFormat("EEE MMM dd HH:mm:ss z yyyy",Locale.US);
 5                 Date d=sdf.parse(bagReq.getNeedToDate());
 6                 sdf = new SimpleDateFormat("yyyy-MM-dd",Locale.US);
 7                 wrapper.eq("NeedToDate", sdf.format(d));
 8             } catch (Exception e) {
 9                 // TODO: handle exception
10             }
11              
12         }

 

  10.Checking String equality using == or !=(严重)

    a.Comparison of String objects using == or !=

This code compares java.lang.String objects for reference equality using the == or != operators. Unless both strings are either constants in a source file, or have been interned using the String.intern() method, the same string value may be represented by two different String objects. Consider using the equals(Object) method instead

对象的比较不要使用==和!=,要使用equals方法

 1 private static  boolean IsCanCompare(Class t) {
 2         if (t.isAssignableFrom(Comparable.class)) { //(t.IsValueType) {
 3             return true;
 4         } else {
 5             // String是特殊的引用类型
 6             if (t.getName() == String.class.getName()) {
 7                 return true;
 8             }
 9             if(t.getName().equals(String.class.getName()))
10             {
11                 return true;
12             }
13             return false;
14         }
15     }

 

二 Correctness(一般的正确性问题,可能导致错误的代码)

  1.Null pointer dereference

    a.Possible null pointer dereference

There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception can't ever be executed; deciding that is beyond the ability of FindBugs.

 1 public int UpdateBagState(String waybillNo, String operationMan) {
 2         String tWaybingllNo ="";
 3         if(null != waybillNo && waybillNo.contains(",")) {
 4             String[] tWaybillNoArr = waybillNo.split(",");
 5             if(tWaybillNoArr[0].length() == 0) {
 6                 tWaybingllNo = tWaybillNoArr[0];
 7             }else {
 8                 return 0;
 9             }
10             
11         }else {
12             if(null != waybillNo&&waybillNo.length() == 0) {
13                 return 0;
14             }else {
15                 tWaybingllNo = waybillNo;
16             }
17         }

 

    b.Possible null pointer dereference in method on exception path

A reference value which is null on some exception control path is dereferenced here.  This may lead to a NullPointerException when the code is executed.  Note that because FindBugs currently does not prune infeasible exception paths, this may be a false warning.
Also note that FindBugs considers the default case of a switch statement to be an exception path, since the default case is often infeasible.

 1 public PickupingScan GetPickupingScanByTaskNo(String taskNo) {
 2         String url = ApiConfig.Pickup;
 3         Map requestParameters = new HashMap();
 4         requestParameters.put("elasticsearchFlag", "N");
 5         requestParameters.put("countFlag", "N");
 6         requestParameters.put("page", 1);
 7         requestParameters.put("pageSize", 10);
 8         Map obj1 = new HashMap();
 9         List list1 = new ArrayList();
10         Map obj2 = new HashMap();
11         obj2.put("conditionOperation", "");
12         obj2.put("propertyName", "orderNumber");
13         List list2 = new ArrayList();
14         list2.add(taskNo);
15         obj2.put("values", list2);
16         obj2.put("postBrackets", ")");
17         obj2.put("type", "string");
18         obj2.put("frontBrackets", "(");
19         obj2.put("operation", "equal");
20         obj2.put("columnName", "order_number");
21         list1.add(obj2);
22         obj1.put("vos", list1);
23         requestParameters.put("generic", obj1);
24         String res = ASMOpenApi.request(url,requestParameters );
25         if (StringUtils.isNotBlank(res)) {
26             ObjectMapper mapper = new ObjectMapper();
27             mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES,false);
28             KyeResponse> responseModel = null;
29             try {
30                 responseModel = mapper.readValue(res, new com.fasterxml.jackson.core.type.TypeReference>>() {
31                 });
32             } catch (IOException e) {
33                 e.printStackTrace();
34             }
35 //            Response> responseModel = JSONObject.parseObject(res, new TypeReference>>() {
36 //            });
37             if (responseModel!=null||responseModel.isFail())
38                 return null;
39             if (responseModel.getData() == null || responseModel.getData().getrows() == null || responseModel.getData().getrows().size() == 0)
40                 return null;
41             return ConfigConverter.MapConfigToPickupingScan(responseModel.getData().getrows().get(0));
42         }
43         return null;
44     } 
    
   
 
 
   
    c.Non-virtual method call passes null for non-null parameter
 
   
A possibly-null value is passed to a non-null method parameter. Either the parameter is annotated as a parameter that should always be non-null, or analysis has shown that it will always be dereferenced.
 
   
可能为null的值将传递给非null方法参数。 要么将参数注释为应始终为非null的参数,要么分析表明它将始终被取消引用。
 
   
 
    
Response result = autoScheduleCoreHelper.GetHistoryConsumedTime(_type, company_no, number, weight,null"", departName);
        
 
   
 
   
 
 
   
    d.Null pointer dereference(严重)
 
   
A null pointer is dereferenced here.  This will lead to a NullPointerException when the code is executed.
 
   
 
    
 1 public List OrderNoValid(String orderNo) {
 2 
 3         TaTask taskEntity = null;
 4         this.OrderNoValidCheck(orderNo, taskEntity);
 5         AddSubscribeCusomterModel newModel = new AddSubscribeCusomterModel();
 6         newModel.setorderno(orderNo);
 7         if(taskEntity!=null)
 8         {
 9             newModel.setcompanyname(taskEntity.getCol007());
10             newModel.setcarno(taskEntity.getCarNo());
11             newModel.setappointment_name(taskEntity.getCol008());
12             newModel.setType(taskEntity.getType() + "");
13         }
14         List lst = new ArrayList();
15         lst.add(newModel);
16         return lst;
17     }
 
   
 
   
 
 
   
    e.Read of unwritten field
 
   
The program is dereferencing a field that does not seem to ever have a non-null value written to it. Unless the field is initialized via some mechanism not seen by the analysis, dereferencing this value will generate a null pointer exception.
 
   
此字段是永远不会写入值,如果不需要的话就删除掉
 
   
 
    
 1 public class StopUnFinishTask extends AbsDispatch
 2 {
 3     
 4     
 5     private TaManualLogNew.EnumManualSubType _enumManualSubType = TaManualLogNew.EnumManualSubType.Manual_StopUnFinishTask;
 6     @Override
 7     protected TaManualLogNew.EnumManualSubType getenumManualSubType()
 8     {
 9         return _enumManualSubType;
10     }
11     @Override
12     protected void setenumManualSubType(TaManualLogNew.EnumManualSubType value)
13     {
14         _enumManualSubType = value;
15     }
16     
17 }
 
   
 
   
 
 
   
    f.Method call passes null for non-null parameter
 
   
This method call passes a null value for a non-null method parameter. Either the parameter is annotated as a parameter that should always be non-null, or analysis has shown that it will always be dereferenced.
 
   
方法调用传递null给非空参数
 
   
 
    
 1 public static String encode(String unencoded) {
 2         byte[] bytes = null;
 3         try {
 4             bytes = unencoded.getBytes("UTF-8");
 5         } catch (UnsupportedEncodingException ignored) {
 6         }
 7         if(bytes!=null)
 8         {
 9             return encode(bytes);
10         }
11         return null;
12     }
 
   
 
   
 
 
   
    g.Value is null and guaranteed to be dereferenced on exception path
 
   
There is a statement or branch on an exception path that if executed guarantees that a value is null at this point, and that value that is guaranteed to be dereferenced (except on forward paths involving runtime exceptions)
 
   
null值会在exception处理中被用到
 
   
 
    
 1 public static String doPost(String url, Map param,Map hearer) {
 2         // 创建Httpclient对象
 3         CloseableHttpClient httpClient = HttpClients.createDefault();
 4         CloseableHttpResponse response = null;
 5         String resultString = "";
 6         try {
 7             // 创建Http Post请求
 8             HttpPost httpPost = new HttpPost(url);
 9             if (hearer != null && !hearer.isEmpty()) {
10                 for (Entry enty : hearer.entrySet()) {
11                     httpPost.addHeader(enty.getKey(), enty.getValue());
12                 }
13             }
14             // 创建参数列表
15             if (param != null) {
16                 List paramList = new ArrayList();
17                 for (String key : param.keySet()) {
18                     paramList.add(new BasicNameValuePair(key, param.get(key)));
19                 }
20                 // 模拟表单
21                 UrlEncodedFormEntity entity = new UrlEncodedFormEntity(paramList);
22                 httpPost.setEntity(entity);
23             }
24             // 执行http请求
25             response = httpClient.execute(httpPost);
26             resultString = EntityUtils.toString(response.getEntity(), "utf-8");
27         } catch (Exception e) {
28             e.printStackTrace();
29         } finally {
30             try {
31                 if(response!=null)
32                 {
33                     response.close();
34                 }
35             } catch (IOException e) {
36                 e.printStackTrace();
37             }
38         }
39         return resultString;
40     }
 
   
 
   
 
 
   
  2.Redundant comparison to null
 
   
    a.Nullcheck of value previously dereferenced
 
   
A value is checked here to see whether it is null, but this value can't be null because it was previously dereferenced and if it were null a null pointer exception would have occurred at the earlier dereference. Essentially, this code and the previous dereference disagree as to whether this value is allowed to be null. Either the check is redundant or the previous dereference is erroneous.
 
   
对一个已经使用的值进行了null检测
 
   
 
    
 1 private TA_ZWICRecordset GetRecordset(Map dic, String url) {
 2         String res = OpenApi.request(url, dic);
 3         if (StringUtils.isNotBlank(res)) {
 4             ObjectMapper mapper = new ObjectMapper();
 5             mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES,false);
 6             Response> responseModel = null;
 7             try {
 8                 responseModel = mapper.readValue(res, new com.fasterxml.jackson.core.type.TypeReference>>() {
 9                 });
10             } catch (IOException e) {
11                 e.printStackTrace();
12             }
13             if (responseModel == null || responseModel.isFail() || responseModel.getData() == null || responseModel.getData().getRows() == null)
14                 return null;
15 
16             List models = responseModel.getData().getRows();
17 
18             Collections.sort(models, new Comparator() {
19                 @Override
20                 public int compare(RecordSetResponseModel o1, RecordSetResponseModel o2) {
21                     return o2.getCol_006() > o1.getCol_006() ? 1 : -1;
22                 }
23             });
24             
25             if(models!=null && models.size()>0)
26             {
27                 return RecordSetConverter.ToEntity(models.get(0));
28             }            
29         }
30         return null;
31     }
 
   
 
   
 
 
   
  3.Suspicious bitwise logical expression
 
   
    a.BitWise OR of signed byte value
 
   
Loads a byte value (e.g., a value loaded from a byte array or returned by a method with return type byte) and performs a bitwise OR with that value. Byte values are sign extended to 32 bits before any any bitwise operations are performed on the value. Thus, if b[0] contains the value 0xff, and x is initially 0, then the code ((x << 8) | b[0]) will sign extend 0xff to get 0xffffffff, and thus give the value 0xffffffff as the result.
In particular, the following code for packing a byte array into an int is badly wrong:
int result = 0;
for(int i = 0; i < 4; i++)
 result = ((result << 8) | b[i]);
The following idiom will work instead:
int result = 0;
for(int i = 0; i < 4; i++)
 result = ((result << 8) | (b[i] & 0xff));
 
   
不能 在带符号的byte值上进行位OR运算
 
   
 
    
 1  private static long byteArrayToLong(byte[] b) {
 2         long resultHigh = 0;
 3         long resultLow = 0;
 4         for (int i = 0; i < b.length; i = i + 2) {
 5             resultHigh = resultHigh << 8 | b[i];
 6             resultHigh = ((resultHigh << 8) | (b[i]&0xff));
 7             resultLow = resultLow << 8 | b[i + 1];
 8             resultLow = (resultLow << 8) | (b[i + 1]&0xff);
 9         }
10 
11         return resultHigh ^ resultLow;
12     }
 
   
 
   
 
 
   
  4.Casting from integer values
 
   
    a.Integral value cast to double and then passed to Math.ceil
 
   
This code converts an integral value (e.g., int or long) to a double precision floating point number and then passing the result to the Math.ceil() function, which rounds a double to the next higher integer value. This operation should always be a no-op, since the converting an integer to a double should give a number with no fractional part. It is likely that the operation that generated the value to be passed to Math.ceil was intended to be performed using double precision floating point arithmetic.
 
   
不能int转换成double,然后传递给Math.ceil
 
   
 
    
 1 public ERPResponseResult(List models, int rowTotal, int page, String pagesizestr) {
 2         Integer curentpagesize = 1;
 3         if (!StringUtils.isBlank(pagesizestr)) {
 4             curentpagesize = Ints.tryParse(pagesizestr);
 5         }
 6         if (curentpagesize == null) {
 7             curentpagesize = 0;
 8         }
 9         this.setRows(models);
10         this.setRowTotal(rowTotal);
11         this.setPage(page);
12         this.setPageSize(curentpagesize);
13         this.setPageTotal(getPageSize() == 0 ? getPageSize() : (int) Math.ceil(Double.parseDouble(Integer.toString(rowTotal))/ Double.parseDouble(Integer.toString(getPageSize()))));
14         // erpResult.pageTotal = rowTotal / erpResult.pageSize;
15     }
 
   
 
   
 
 
   
  5.Format string problem
 
   
    a.MessageFormat supplied where printf style format expected(严重)
 
   
A method is called that expects a Java printf format string and a list of arguments. However, the format string doesn't contain any format specifiers (e.g., %s) but does contain message format elements (e.g., {0}). It is likely that the code is supplying a MessageFormat string when a printf-style format string is required. At runtime, all of the arguments will be ignored and the format string will be returned exactly as provided without any formatting.
 
   
需要使用printf样式时使用了MessageFormat
 
   
 
    
1 mDebugLog.append("\n").append(String.format("TaskJson:{0}%s", taskJson));
 
   
 
   
 
 
   
    b.More arguments are passed than are actually used in the format string
 
   
A format-string method with a variable number of arguments is called, but more arguments are passed than are actually used by the format string. This won't cause a runtime exception, but the code may be silently omitting information that was intended to be included in the formatted string.
 
   
缺少占位符
 
   
 
    
1 FileLogHelper.Error(String.format("【UpdataCarDepart】根据车牌更新点部失败 车牌:%s 点部:%s 原因:%s", model.getcarno(),model.getdepart(),ex.getMessage()));
2        
 
   
 
   
 
 
   
  6.Dubious method invocation
 
   
    a.Bad constant value for month(严重)
 
   
This code passes a constant month value outside the expected range of 0..11 to a method.
 
   
 对于month错误的常量值
 
   
 
    
 1 public static Date getLastMonthTime(boolean startOrEnd) {
 2         Calendar calendar = Calendar.getInstance();
 3         int month = calendar.get(Calendar.MONTH) - 1;
 4         int year = calendar.get(Calendar.YEAR);
 5         Date dtStart;
 6         Date dtEnd;
 7         if (month == 0) { // 表示上月为12月 去年的
 8             calendar.set(year - 1, 1211, 1);
 9             dtStart = calendar.getTime();
10             calendar.set(year - 1, 1211, 31, 23, 59, 59);
11             dtEnd = calendar.getTime();
12         } else {
13 //            dtStart = new Date(new Date().Year, month, 1);
14             calendar.set(year, month, 1);
15             dtStart = calendar.getTime();
16             calendar.add(Calendar.MONTH, 1);
17             calendar.add(Calendar.SECOND, -1);
18             dtEnd = calendar.getTime();
19         }
20         return startOrEnd ? dtStart : dtEnd;
21     }
 
   
 
   
 
 
   
  7.Regular expressions
 
   
    a."." or "|" used for regular expression(严重)
 
   
A String function is being invoked and "." or "|" is being passed to a parameter that takes a regular expression as an argument. Is this what you intended? For example
s.replaceAll(".", "/") will return a String in which every character has been replaced by a '/' character
s.split(".") always returns a zero length array of String
"ab|cd".replaceAll("|", "/") will return "/a/b/|/c/d/"
"ab|cd".split("|") will return array with six (!) elements: [, a, b, |, c, d]
 
   
不能使用spil分隔"." 和 "|"
 
   
 
    
1 String[] depotManualDealConfig = strDepotManualDealConfig.split("\\|");
 
   
 
   
 
    
1 String[] depotManualDealConfig = StringUtils.split(strDepotManualDealConfig,"|");
 
   
 
   
    b.Invalid syntax for regular expression(严重)
 
   
The code here uses a regular expression that is invalid according to the syntax for regular expressions. This statement will throw a PatternSyntaxException when executed.
 
   
非法的正则表达式
 
   
 
    
1 String regex = "[\\u4E00-\\u9FFF0-9a-zA-Z-—\\\\/#()()]\"), @\"[\\u4E00-\\u9FFF].*";
2         Pattern pattern = Pattern.compile(regex);
 
   
 
   
 
 
   
  8.Suspicious integer expression
 
   
    a.Bad comparison of signed byte
 
   
Signed bytes can only have a value in the range -128 to 127. Comparing a signed byte with a value outside that range is vacuous and likely to be incorrect. To convert a signed byte b to an unsigned value in the range 0..255, use 0xff & b
 
   
byte比较使用错误,有符号位比较范围在-128到127,如果要用无符号位比较用0xff转换
 
   
 
    
 1 private static String UrlEncode(String url)
 2     {
 3         byte[] bytes;
 4         try
 5         {
 6             bytes= url.getBytes("UTF-8");
 7         }
 8         catch (Exception ex)
 9         {
10             return null;
11         }
12         int num = bytes.length;
13         StringBuilder stringBuilder = new StringBuilder(num * 3);
14         for (int i = 0; i < num; i++)
15         {
16             if (bytes[i] > -128)
17             {
18                 stringBuilder.append("%");
19                 stringBuilder.append(String.format("%02X", bytes[i]));
20                 i++;
21                 stringBuilder.append("%");
22                 stringBuilder.append(String.format("%02X", bytes[i]));
23             }
24             else
25             {
26                 String result;
27                 try {
28                     result=new String(bytes,"UTF-8");
29                 }
30                 catch (Exception ex)
31                 {
32                     return null;
33                 }
34                 stringBuilder.append(result);
35             }
36         }
37         return stringBuilder.toString();
38     }
 
   
 
   
 
 
   
    b.Bad comparison of nonnegative value with negative constant or zero
 
   
This code compares a value that is guaranteed to be non-negative with a negative constant or zero.
 
   
不为负数的值比较使用错误
 
   
 
    
1 if (notExistDepartIdList == null || notExistDepartIdList.size() <== 0) {
2                 String idList = StringUtils.join(notExistDepartIdList, ",");
3                 String errorMsg = String.format("保存失败,这些点部不存在:%1$s", idList);
4                 return errorMsg;
5             }
 
   
 
   
 
 
   
  9.Useless/non-informative string generated
 
   
    a.Invocation of toString on an array(严重)
 
   
The code invokes toString on an array, which will generate a fairly useless result such as [C@16f0472. Consider using Arrays.toString to convert the array into a readable String that gives the contents of the array. See Programming Puzzlers, chapter 3, puzzle 12.
 
   
调用了数组的toString,使用错误
 
   
 
    
 1 private boolean AddValidate(AddAIStationConfigRequest input) {
 2         
 3         int type = input.gettype();
 4         TsAiStationConfig dbEntity = tsAiStationConfigService.Get(input.getname(), type);
 5         if (dbEntity != null && StringUtils.isNotBlank(dbEntity.getId())) {
 6             throw new Exception("版本号已存在");
 7         }
 8 
 9         List list = tsAiStationConfigService.GetList(type);
10 
11         if (list != null && !list.isEmpty() && StringUtils.isNotBlank(input.getdepotids())) {
12             String[] inputdepotidArray = input.getdepotids().split(",");
13             List dbDepotIdList = list.parallelStream().map(p -> p.getDepotIds()).collect(Collectors.toList());
14 
15             if (dbDepotIdList != null && !dbDepotIdList.isEmpty() && inputdepotidArray != null) {
16                 for (String depots : dbDepotIdList) {
17 
18                     if(StringUtils.isBlank(depots)) {
19                         continue;
20                     }
21                     
22                     String[] dbList = depots.split(",");
23 
24                     for (String db_depot : dbList) {
25                         if(Arrays.asList(inputdepotidArray).contains(db_depot))
26                         {
27                             throw new Exception("已存在,dbDepotIdList:" + JSONObject.toJSONString(dbDepotIdList));
28                         }
29                         if (inputdepotidArray.toString().contains(db_depot)) {
30                             throw new Exception("已存在,dbDepotIdList:" + JSONObject.toJSONString(dbDepotIdList));
31                         }
32                     }
33                 }
34                 for (String input_depot : inputdepotidArray) {
35                     TsPositionConfig posCfg = positionCachedHelper.IsOpenEntity(input_depot);
36                     if (posCfg == null) {
37                         throw new Exception("未开启" + input_depot);
38                     }
39                 }
40             }
41         }
42         return true;
43     }
 
   
 
   
 
 
   
  10.Ignored parameter
 
   
    a.A parameter is dead upon entry to a method but overwritten
 
   
The initial value of this parameter is ignored, and the parameter is overwritten here. This often indicates a mistaken belief that the write to the parameter will be conveyed back to the caller.
 
   
参数没有被使用,但是被重新赋值了,这种
 
   
 
    
 1 public  GetUseableTrcukModel Get(String depot_id, String carno, int cached)
 2     {
 3         cached = 0;
 4         String key = RedisPrefixKey.ac13 + depot_id;
 5         GetUseableTrcukModel model = null;
 6         if (redisUtils.hHasKey(key, carno))
 7         {
 8             model = (GetUseableTrcukModel)redisUtils.hget(key, carno);
 9             cached = 1;
10         }
11         return model;
12     }
 
   
 
   
 
 
   
  11.Bad casts of object references
 
   
    a.Impossible downcast of toArray() result
 
   
This code is casting the result of calling toArray() on a collection to a type more specific than Object[], as in:
String[] getAsArray(Collection c) {
 return (String[]) c.toArray();
 }
This will usually fail by throwing a ClassCastException. The toArray() of almost all collections return an Object[]. They can't really do anything else, since the Collection object has no reference to the declared generic type of the collection.
The correct way to do get an array of a specific type from a collection is to use c.toArray(new String[]); or c.toArray(new String[c.size()]); (the latter is slightly more efficient).
There is one common/known exception exception to this. The toArray() method of lists returned by Arrays.asList(...) will return a covariantly typed array. For example, Arrays.asArray(new String[] { "a" }).toArray() will return a String []. FindBugs attempts to detect and suppress such cases, but may miss some.
 
   
数组转换使用了错误的方法
 
   
 
    
1         String[] carNoLst = (String[])list.stream().map(p -> p.getCarNo()).collect(Collectors.toList()).toArray();
2         String[] carNoLst = list.stream().map(p -> p.getCarNo()).collect(Collectors.toList()).toArray(new String[list.size()]);
 
   
 
   
 
 
   
  12.Unwritten field
 
   
    a.Unwritten field
 
   
This field is never written.  All reads of it will return the default value. Check for errors (should it have been initialized?), or remove it if it is useless.
 
   
属性没有使用过,建议去掉
 
   
 
    
 1 public class UpdateBagStateModel {
 2     /**
 3      * 批次号
 4      * 
 5      */
 6     private String batchno;
 7 
 8     public final String getbatchno() {
 9         return batchno;
10     }
11 
12     public final void setbatchno(String value) {
13         batchno = value;
14     }
15 
16     /**
17      * 运单号
18      * 
19      */
20 //C# TO JAVA CONVERTER TODO TASK: Java annotations will not correspond to .NET attributes:
21     private String waybillno;
22     public final String getwaybillno() {
23         return waybillno;
24     }
25 
26     public final void setwaybillno(String value) {
27         waybillno = value;
28     }
29     
30     private String  operationman;
31     
32     public final String getOperationman()
33     {
34         return  operationman;
35     }
36     
37     
38 }
 
   
 
   
 
 
   
    b.Field only ever set to null
 
   
All writes to this field are of the constant value null, and thus all reads of the field will return null. Check for errors, or remove it if it is useless.
 
   
属性曾经设置为null,看具体代码,有些类属性没用了要去掉或者重新定义成局部变量。
 
   
  13.Confusing method name
 
   
    a.Very confusing method names
 
   
The referenced methods have names that differ only by capitalization. This is very confusing because if the capitalization were identical then one of the methods would override the other.
 
   
非常容易迷惑的方法名
 
   
 
    
1 protected TaAutoScheduleLog.EnumActionCategory getenumActionCategorygetEnumActionCategory()
2     {
3         return TaAutoScheduleLog.EnumActionCategory.ERP;
4     }
 
   
 
   
 
 
   
三 Dodgy code(具有潜在危险的代码,可能运行期产生错误)
 
   
  1.Null pointer dereference
 
   
    a.Possible null pointer dereference due to return value of called method
 
   
The return value from a method is dereferenced without a null check, and the return value of that method is one that should generally be checked for null. This may lead to a NullPointerException when the code is executed.
 
   
 
    
 1 public static boolean deleteDirectory(String filePath) {
 2         boolean flag = false;
 3         // 如果sPath不以文件分隔符结尾,自动添加文件分隔符
 4         if (!filePath.endsWith(File.separator)) {
 5             filePath = filePath + File.separator;
 6         }
 7         File dirFile = new File(filePath);
 8         // 如果dir对应的文件不存在,或者不是一个目录,则退出
 9         if (!dirFile.exists() || !dirFile.isDirectory()) {
10             return false;
11         }
12         flag = true;
13         // 删除文件夹下的所有文件(包括子目录)
14         File[] files = dirFile.listFiles();
15         if(files!=null) {
16             for (int i = 0; i < files.length; i++) {
17                 // 删除子文件
18                 if (files[i].isFile()) {
19                     flag = deleteFile(files[i].getAbsolutePath());
20                     if (!flag) {
21                         break;
22                     }
23 
24                 } // 删除子目录
25                 else {
26                     flag = deleteDirectory(files[i].getAbsolutePath());
27                     if (!flag) {
28                         break;
29                     }
30 
31                 }
32             }
33         }
34         if (!flag){
35             return false;
36         }
37             
38         // 删除当前目录
39         if (dirFile.delete()) {
40             return true;
41         } else {
42             return false;
43         }
44     }
 
   
 
   
 
 
   
    b.Load of known null value
 
   
The variable referenced at this point is known to be null due to an earlier check against null. Although this is valid, it might be a mistake (perhaps you intended to refer to a different variable, or perhaps the earlier check to see if the variable is null should have been a check to see if it was non-null).
 
   
 
    
1         if (entity == null) {
2             throw new RuntimeException("entity == null:ExcuteErpOldDispatch" + entity.getCarNo());
3         }
 
   
 
   
 
 
   
    c.Read of unWritten public or protected field
 
   
The program is dereferencing a public or protected field that does not seem to ever have a non-null value written to it. Unless the field is initialized via some mechanism not seen by the analysis, dereferencing this value will generate a null pointer exception.
 
   
引用的对象可能永远为空,即定义对象的时候就赋值null,这种写法是危险的。
 
   
 
    
1 public class BaseVoice
2 {
3     
4     protected TaVoiceMsg mTaVoiceMsg = null;
5     protected MsgContent mMsgContent = null;
6 }
 
   
 
   
 
 
   
  2.RuntimeException capture
 
   
    a.Exception is caught when Exception is not thrown
 
   
This method uses a try-catch block that catches Exception objects, but Exception is not thrown within the try block, and RuntimeException is not explicitly caught. It is a common bug pattern to say try { ... } catch (Exception e) { something } as a shorthand for catching a number of types of exception each of whose catch blocks is identical, but this construct also accidentally catches RuntimeException as well, masking potential bugs.
A better approach is to either explicitly catch the specific exceptions that are thrown, or to explicitly catch RuntimeException exception, rethrow it, and then catch all non-Runtime Exceptions, as shown below:
 try {
 ...
 } catch (RuntimeException e) {
 throw e;
 } catch (Exception e) {
 ... deal with all non-runtime exceptions ...
 }
 
   
异常捕获之后未处理
 
   
 
    
 1  public static String getPreTime(String sj1, String jj) {
 2     SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
 3     String mydate1 = "";
 4     try {
 5       Date date1 = format.parse(sj1);
 6       long Time = (date1.getTime() / 1000) + Integer.parseInt(jj) * 60;
 7       date1.setTime(Time * 1000);
 8       mydate1 = format.format(date1);
 9     } catch (Exception e) {
10 //todo
11     }
12     return mydate1;
13   }
 
   
 
   
 
 
   
  3.Bad casts of object references
 
   
    a.instanceof will always retrun true
 
   
This instanceof test will always return true (unless the value being tested is null). Although this is safe, make sure it isn't an indication of some misunderstanding or some other logic error. If you really want to test the value for being null, perhaps it would be clearer to do better to do a null test rather than an instanceof test.
 
   
instanceof判断永远为true
 
   
 
    
public static String buildKyeApiSignForGet(String accessKey, Map object) {

         if (object instanceof Mapobject!=null) {

            return sortMapForSign((Map)object, accessKey);

        } else {
            throw new RuntimeException("待签名串类型不符合MAP");
        }

    }
 
   
 
   
 
 
   
  4.Redundant comparison to null
 
   
    a.Redundant nullcheck of value known to be non-null
 
   
This method contains a redundant check of a known non-null value against the constant null.
 
   
 对一个已知不是null的值重复进行空值判断
 
   
 
    
1         String dddrivename = (dd == null ? "" : dd.getDD_003());
2             String dddriveid = (dd == null ? "" : dd.getdriverId());
3             String ddcarno = (dd == null ? "" : dd.getDD_004());
 
   
 
   
 
 
   
    b.Redundant nullcheck of value known to be null
 
   
This method contains a redundant check of a known null value against the constant null.
 
   
 对一个已知是null的值重复进行非空值判断
 
   
 
    
1         TaAutoDispatchTask task = null;
2         if (task != null) {
3 }
 
   
 
   
 
 
   
  5.Questionable integer math
 
   
    a.Computation of average could overflow
 
   
The code computes the average of two integers using either division or signed right shift, and then uses the result as the index of an array. If the values being averaged are very large, this can overflow (resulting in the computation of a negative average). Assuming that the result is intended to be nonnegative, you can use an unsigned right shift instead. In other words, rather that using (low+high)/2, use (low+high) >>> 1
This bug exists in many earlier implementations of binary search and merge sort. Martin Buchholz found and fixed it in the JDK libraries, and Joshua Bloch widely publicized the bug pattern.
 
   
计算平均值可能溢出
 
   
 
    
 1  private int GetClockwiseNearestNode(Integer[] keys, int hashOfItem) {
 2         int begin = 0;
 3         int end = keys.length - 1;
 4 
 5         if (keys[end] < hashOfItem || keys[0] > hashOfItem) {
 6             return 0;
 7         }
 8 
 9         int mid = begin;
10         while ((end - begin) > 1) {
11             mid = (end + begin) / 2;
12             mid=(end&begin)+((end^begin)>>1);
13             if (keys[mid] >= hashOfItem) {
14                 end = mid;
15             } else {
16                 begin = mid;
17             }
18         }
19 
20         return end;
21     }
 
   
 
   
 
 
   
  6.Dead local store
 
   
    a.Dead store to loccal variable
 
   
This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used.
Note that Sun's javac compiler often generates dead stores for final local variables. Because FindBugs is a bytecode-based tool, there is no easy way to eliminate these false positives.
 
   
未用的局部变量,但有可能是误报
 
   
 
 
   
  7.Casting from integer values
 
   
    a.Result of integer multiplication cast to long
 
   
This code performs integer multiply and then converts the result to a long, as in:
 long convertDaysToMilliseconds(int days) { return 1000*3600*24*days; }
If the multiplication is done using long arithmetic, you can avoid the possibility that the result will overflow. For example, you could fix the above code to:
 long convertDaysToMilliseconds(int days) { return 1000L*3600*24*days; }
or
 static final long MILLISECONDS_PER_DAY = 24L*3600*1000;
 long convertDaysToMilliseconds(int days) { return days * MILLISECONDS_PER_DAY; }
 
   
整形乘法的结果转换为long型
 
   
 
    
 1 /**
 2    * 得到一个时间延后或前移几天的时间,nowdate为时间,delay为前移或后延的天数
 3    */
 4   public static String getNextDay(String nowdate, String delay) {
 5     try {
 6       SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd");
 7       String mdate = "";
 8       Date d = strToDate(nowdate);
 9       long myTime = (d.getTime() / 1000) + Integer.parseInt(delay) * 24L * 60 * 60;
10       d.setTime(myTime * 1000);
11       mdate = format.format(d);
12       return mdate;
13     } catch (Exception e) {
14       return "";
15     }
16   }
 
   
 
   
 
 
   
  8.Switch case falls through
 
   
    a.Switch statement found where default case is missing
 
   
This method contains a switch statement where default case is missing. Usually you need to provide a default case.
Because the analysis only looks at the generated bytecode, this warning can be incorrect triggered if the default case is at the end of the switch statement and the switch statement doesn't contain break statements for other cases.
 
   
Switch语句中没有包含default
 
   
 
    
 1 switch (params.getType()) {
 2         case 0:
 3             enumType = AutoScheduleBLL_zl.EnumType.waybillno;
 4             break;
 5         case 1:
 6             enumType = AutoScheduleBLL_zl.EnumType.orderno;
 7             break;
 8         case 2:
 9             enumType = AutoScheduleBLL_zl.EnumType.depot;
10             break;
11             default:
12                 break;
13         }
 
   
 
   
 
 
   
  9.Useless code
 
   
    a.Useless object created
 
   
Our analysis shows that this object is useless. It's created and modified, but its value never go outside of the method or produce any side-effect. Either there is a mistake and object was intended to be used or it can be removed.
This analysis rarely produces false-positives. Common false-positive cases include:
- This object used to implicitly throw some obscure exception.
 
   
未使用的对象应删除掉,不然有可能抛出异常
 
   
 
    
1 List vals2 = new ArrayList<>();
2         vals2.add("2018-05-05");
3         vals2.add("2018-05-09");
4         //vo2.setValues(vals2); 
    
   
 
 
   
  10.Misuse of static fields
 
   
    a.Write to static field from instance method
 
   
This instance method writes to a static field. This is tricky to get correct if multiple instances are being manipulated, and generally bad practice.
 
   
静态对象不要多次实例化
 
   
  11.Bad use of return value from method
 
   
    a.Return value of method without side effect is ignored
 
   
This code calls a method and ignores the return value. However our analysis shows that the method (including its implementations in subclasses if any) does not produce any effect other than return value. Thus this call can be removed.
We are trying to reduce the false positives as much as possible, but in some cases this warning might be wrong. Common false-positive cases include:
- The method is designed to be overridden and produce a side effect in other projects which are out of the scope of the analysis.
- The method is called to trigger the class loading which may have a side effect.
- The method is called just to get some exception.
If you feel that our assumption is incorrect, you can use a @CheckReturnValue annotation to instruct FindBugs that ignoring the return value of this method is acceptable.
 
   
未使用的代码最好去掉
 
   
 
    
1 public List GetSubByWaybillNo(String listno) {
2         if (listno.length() == 0) {
3             new java.util.ArrayList();
4         }
5 
6         String[] list = listno.split(",");
7         return taSubdivisionBagService.GetSubByWaybillNo(list);
8     }
 
   
 
   
 
 
   
  12.Dubious method used
 
   
    a.Thread passed where Runnable expected(严重)
 
   
A Thread object is passed as a parameter to a method where a Runnable is expected. This is rather unusual, and may indicate a logic error or cause unexpected behavior.
 
   
Thread对象作为参数传递给期望Runnable的方法。 这很不寻常,可能表示存在逻辑错误或导致意外行为。
 
   
 
    
 1     ExecutorService es = Executors.newCachedThreadPool();
 2         
 3         for(TsPositionConfig entity : list) {
 4             es.execute(new Thread(() -> {
 5                 OpenOrClose(entity);
 6             }));
 7             es.execute(new Runnable() {
 8                            @Override
 9                            public void run() {
10                                OpenOrClose(entity);
11                            }
12             });
13         }
14         es.shutdown();    
 
   
 
   
 
 
   
  13.Unwritten field
 
   
    a.Unwritten public or protected field
 
   
No writes were seen to this public/protected field.  All reads of it will return the default value. Check for errors (should it have been initialized?), or remove it if it is useless.
 
   
未被使用的public 或 protected 属性,
 
   
  14.Unread field
 
   
    a.Unread public/proected field
 
   
This field is never read.  The field is public or protected, so perhaps it is intended to be used with classes not seen as part of the analysis. If not, consider removing it from the class.
 
   
未被使用的public 或 protected 属性
 
   
  15.Unused field
 
   
    a.Unused public or protected field
 
   
This field is never used.  The field is public or protected, so perhaps it is intended to be used with classes not seen as part of the analysis. If not, consider removing it from the class.
 
   
未被使用的public 或 protected 属性
 
   
 
 
   
四 Experimental(可试验代码/有潜在风险代码,主要是资源回收方面)
 
   
  1.Unsatisfied obligation to clean up stream or resource
 
   
    a.Method may fail to clean up stream or resource on checked exception
 
   
This method may fail to clean up (close, dispose of) a stream, database object, or other resource requiring an explicit cleanup operation.
In general, if a method opens a stream or other resource, the method should use a try/finally block to ensure that the stream or resource is cleaned up before the method returns.
This bug pattern is essentially the same as the OS_OPEN_STREAM and ODR_OPEN_DATABASE_RESOURCE bug patterns, but is based on a different (and hopefully better) static analysis technique. We are interested is getting feedback about the usefulness of this bug pattern. To send feedback, either:
send email to [email protected]
file a bug report: http://findbugs.sourceforge.net/reportingBugs.html
In particular, the false-positive suppression heuristics for this bug pattern have not been extensively tuned, so reports about false positives are helpful to us.
See Weimer and Necula, Finding and Preventing Run-Time Error Handling Mistakes, for a description of the analysis technique.
 
   
方法可能因为checked exception导致清理流或资源失败
 
   
 
    
 1 public static String doPost(final Map strParams, final Map fileParams) {
 2         HttpURLConnection conn = null;
 3         try {
 4             URL url = new URL(Const.ErpfileUrl);
 5             conn = (HttpURLConnection) url.openConnection();
 6             conn.setRequestMethod("POST");
 7             conn.setReadTimeout(TIME_OUT);
 8             conn.setConnectTimeout(TIME_OUT);
 9             conn.setDoOutput(true);
10             conn.setDoInput(true);
11             conn.setUseCaches(false);// Post 请求不能使用缓存
12             // 设置请求头参数
13             conn.setRequestProperty("Connection", "Keep-Alive");
14             conn.setRequestProperty("Charset", "UTF-8");
15             conn.setRequestProperty("Content-Type", CONTENT_TYPE + "; boundary=" + BOUNDARY);
16             /**
17              * 请求体
18              */
19             // 上传参数
20             DataOutputStream dos = new DataOutputStream(conn.getOutputStream());
21             // getStrParams()为一个
22             dos.writeBytes(getStrParams(strParams).toString());
23             dos.flush();
24 
25             // 文件上传
26             StringBuilder fileSb = new StringBuilder();
27             for (Map.Entry fileEntry : fileParams.entrySet()) {
28                 fileSb.append(PREFIX).append(BOUNDARY).append(LINE_END)
29                         /**
30                          * 这里重点注意: name里面的值为服务端需要的key 只有这个key 才可以得到对应的文件 filename是文件的名字,包含后缀名的
31                          * 比如:abc.png
32                          */
33                         .append("Content-Disposition: form-data; name=\"file\"; filename=\"" + fileEntry.getKey() + "\"" + LINE_END)
34                         .append("Content-Type: */*" + LINE_END) // 此处的ContentType不同于 请求头 中Content-Type
35                         .append(LINE_END);// 参数头设置完以后需要两个换行,然后才是参数内容
36                 dos.writeBytes(fileSb.toString());
37                 dos.flush();
38                 InputStream is = new FileInputStream(fileEntry.getValue());
39                 try {
40                     byte[] buffer = new byte[1024];
41                     int len = 0;
42                     while ((len = is.read(buffer)) != -1) {
43                         dos.write(buffer, 0, len);
44                     }
45                 }
46                 catch (Exception ex)
47                 {
48                     ex.printStackTrace();
49                 }
50                 finally {
51                     is.close();
52                 }
53                 dos.writeBytes(LINE_END);
54             }
55             // 请求结束标志
56             dos.writeBytes(PREFIX + BOUNDARY + PREFIX + LINE_END);
57             dos.flush();
58             dos.close();
59 
60             BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream()));
61             StringBuilder response = new StringBuilder();
62             String line = null;
63             while ((line = reader.readLine()) != null) {
64                 response.append(line);
65             }
66             return response.toString();
67         } catch (Exception e) {
68             e.printStackTrace();
69         } finally {
70             if (conn != null) {
71                 conn.disconnect();
72             }
73         }
74 
75         return "";
76     }
 
   
 
   
 
 
   
    b.Method may fail to clean up stream or resource
 
   
This method may fail to clean up (close, dispose of) a stream, database object, or other resource requiring an explicit cleanup operation.
In general, if a method opens a stream or other resource, the method should use a try/finally block to ensure that the stream or resource is cleaned up before the method returns.
 
   
需显示的回收资源
 
   
 
    
 1     public final void setFilePath(String value) {
 2             FilePath = value;
 3             if (StringUtils.isNotBlank(value)) {
 4                 File file = new File(value);
 5                 if (file.exists()) {
 6                     try {
 7                         InputStream is=new FileInputStream(file);
 8                             this.setStream(is);
 9                             is.close();
10                     } catch (FileNotFoundException e) {
11                         e.printStackTrace();
12                     }
13                     catch (IOException e)
14                     {
15                         e.printStackTrace();
16                     }
17                 }
18             }
19         }
 
   
 
   
 
 
   
 
 
   
五 Internationalization(国际化,当对字符串使用upper或lowercase方法,如果是国际的字符串,可能会不恰当的转换。)
 
   
  1.Dubious method used
 
   
    a.Reliance on default encoding
 
   
Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable. This will cause the application behaviour to vary between platforms. Use an alternative API and specify a charset name or Charset object explicitly.
 
   
不能随意信任默认字符编码,应显示处理
 
   
 
    
1    public final int Hash(String item) {
2 
3 //ORIGINAL LINE: uint hash = Hash(Encoding.ASCII.GetBytes(item));
4         int hash = Hash(item.getBytes("UTF-8"));
5         return (int)hash;
6     }
 
   
 
   
 
 
   
六 Performance(性能问题代码,可能导致性能不佳的代码)
 
   
  1.Dubious method used
 
   
    a.Method invokes inefficient new String(String) constructor
 
   
Using the java.lang.String(String) constructor wastes memory because the object so constructed will be functionally indistinguishable from the String passed as a parameter.  Just use the argument String directly.
 
   
方法调用了效率很低的new String(String)构造方法,只需直接使用String
 
   
 
    
1 String regexUnion = new String("^(130|131|132|155|156|185|186|145|176)[0-9]{8}$");
 
   
 
   
 
 
   
    b.Method invokes inefficient Boolean constructor;use Boolean.valueOf(...) instead
 
   
Creating new instances of java.lang.Boolean wastes memory, since Boolean objects are immutable and there are only two useful values of this type.  Use the Boolean.valueOf() method (or Java 1.5 autoboxing) to create Boolean objects instead.
 
   
方法调用了低效的Boolean构造方法;使用Boolean.valueOf(...)代替
 
   
 
    
1 mDebugLog.append("\n").append(String.format("IsTelePhoneVoice:{0}", (new Boolean(mIsTelePhoneVoice)).toString()));
2         mDebugLog.append("\n").append(String.format("IsTelePhoneVoice:{0}", Boolean.valueOf(mIsTelePhoneVoice)));
 
   
 
   
 
 
   
    c.Method invokes inefficient new String() constructor
 
   
Creating a new java.lang.String object using the no-argument constructor wastes memory because the object so created will be functionally indistinguishable from the empty string constant "".  Java guarantees that identical string constants will be represented by the same String object.  Therefore, you should just use the empty string constant directly.
 
   
使用了new String()
 
   
 
    
1 tA_RecordsChangeLogBLL.AddUpdateLog(people.getPeopleNo(), new String()"", peopleModelAfter,
2                 TaRecordsChangeLog.EnmuTableType.TB_People.getValue(), "整车业务", "");
 
   
 
   
 
 
   
  2.Inefficient Map Iterator
 
   
    a.Inefficient use of keySet iterator instead of entrySet iterator
 
   
This method accesses the value of a Map entry, using a key that was retrieved from a keySet iterator. It is more efficient to use an iterator on the entrySet of the map, to avoid the Map.get(key) lookup.
 
   
此方法使用从keySet迭代器检索的键访问Map条目的值。 在map的entrySet上使用迭代器更有效,以避免Map.get(键)查找。
 
   
 
    
  1 public List GetDriverScoreDetails(GetDriverScoreDetailsRequest request,Out rowTotal) {
  2         rowTotal.setData(0);
  3         if ((StringUtils.isBlank(request.getbeg_createtime()) && !StringUtils.isBlank(request.getend_createtime()))
  4                 || (StringUtils.isBlank(request.getend_createtime()) && !StringUtils.isBlank(request.getbeg_createtime()))) {
  5             throw new Exception("开始任务时间和结束任务时间必须同时输入或同时不输入!");
  6         }
  7         Date dt_beg_tasktime = null;
  8         try {
  9             dt_beg_tasktime = TimeUtils.format(request.getbeg_createtime(), TimeUtils.YYYY_MM_DD_HH_MM_SS);
 10         } catch (Exception e) {
 11             dt_beg_tasktime = null;
 12         }
 13 
 14         Date dt_end_tasktime = null;
 15         try {
 16             dt_end_tasktime = TimeUtils.format(request.getend_createtime(), TimeUtils.YYYY_MM_DD_HH_MM_SS);
 17         } catch (Exception e) {
 18             dt_end_tasktime = null;
 19         }
 20 
 21         if(StringUtils.isBlank(request.getbeg_createtime()) || StringUtils.isBlank(request.getend_createtime())) {
 22             throw new Exception("开始任务时间或结束任务时间不能为空!");
 23         }else if ((!StringUtils.isBlank(request.getbeg_createtime()) && dt_beg_tasktime == null)
 24                 || (!StringUtils.isBlank(request.getend_createtime()) && dt_end_tasktime == null)) {
 25             throw new Exception("开始任务时间或结束任务时间格式不正确!");
 26         } else if (dt_beg_tasktime.after(dt_end_tasktime)) {
 27             throw new Exception("开始任务时间不能大于结束任务时间!");
 28         }
 29 
 30 
 31         List lstDriverScore =taDriveScoreDetailsService.GetDriverScoreDetails(request, rowTotal);
 32         if (lstDriverScore == null) {
 33             return null;
 34         }
 35 
 36         lstDriverScore.stream().filter(d -> d.getIsDel() != null && d.getIsDel().intValue() == 0).collect(Collectors.toList());
 37 
 38         Map> detailGroupBy = new HashMap<>();
 39         for (TaDriveScoreDetails scoreDetails : lstDriverScore) {
 40             String key = scoreDetails.getCol002() + "-" + scoreDetails.getCol011() + "-" + scoreDetails.getCol012() + "-" + scoreDetails.getCol003();
 41             List temp = null;
 42             if (detailGroupBy.containsKey(key)) {
 43                 temp = detailGroupBy.get(key);
 44             } else {
 45                 temp = new ArrayList<>();
 46             }
 47             temp.add(scoreDetails);
 48             detailGroupBy.put(key, temp);
 49         }
 50         List listModel = new ArrayList();
 51         Iterator>> it=detailGroupBy.entrySet().iterator();
 52         while (it.hasNext())
 53         {
 54             Map.Entry> me=it.next();
 55             String key=me.getKey();
 56             List list=me.getValue();
 57         for (String key : detailGroupBy.keySet()) {
 58             List list = detailGroupBy.get(key);
 59             if (list == null || list.size() == 0)
 60                 continue;
 61 
 62             GetDriverScoreDetailsModel model = new GetDriverScoreDetailsModel();
 63             String[] keyarray = key.split("-");
 64             model.setDriver_name(keyarray[0]);
 65             model.setPosition_name(keyarray[1]);
 66             model.setDept(keyarray[2]);
 67             model.setTask_no(keyarray[3]);
 68 
 69             try {
 70                 String taskTime = TimeUtils.parseDateToStr(list.get(0).getCol004(), TimeUtils.YYYY_MM_DD_HH_MM_SS);
 71                 model.setTask_time(taskTime);
 72             } catch (Exception e) {
 73                 model.setTask_time(null);
 74             }
 75 
 76             try {
 77                 String advanceTime = TimeUtils.parseDateToStr(list.get(0).getCol005(), TimeUtils.YYYY_MM_DD_HH_MM_SS);
 78                 model.setSign_time(advanceTime);
 79             } catch (Exception e) {
 80                 model.setSign_time(null);
 81             }
 82 
 83             try {
 84                 String createtime = TimeUtils.parseDateToStr(list.get(0).getCreateTime(), TimeUtils.YYYY_MM_DD_HH_MM_SS);
 85                 model.setCreatetime(createtime);
 86             } catch (Exception e) {
 87                 model.setCreatetime(null);
 88             }
 89             model.setIs_late((list.get(0).getCol007() != null && list.get(0).getCol007().intValue() == 1) ? "是" : "否");
 90 
 91             Map collect = list.stream()
 92                     .collect(Collectors.groupingBy(TaDriveScoreDetails::getCol038, Collectors.summarizingDouble(TaDriveScoreDetails::getCol008)));
 93 
 94             model.setReminder_penalty(collect.get(ScoreType.UrgeScore.code) != null ? collect.get(ScoreType.UrgeScore.code).getSum() + "" : "");
 95             model.setVoice_penalty(collect.get(ScoreType.TelVoiceScore.code) != null ? collect.get(ScoreType.TelVoiceScore.code).getSum() + "" : "");
 96             model.setRefuse_penalty(
 97                     collect.get(ScoreType.RefuseOrderScore.code) != null ? collect.get(ScoreType.RefuseOrderScore.code).getSum() + "" : "");
 98             model.setBelate_penalty(
 99                     collect.get(ScoreType.BeLateVoiceScore.code) != null ? collect.get(ScoreType.BeLateVoiceScore.code).getSum() + "" : "");
100             model.setTimeout_penalty(
101                     collect.get(ScoreType.TimeOutVoiceScore.code) != null ? collect.get(ScoreType.TimeOutVoiceScore.code).getSum() + "" : "");
102 
103             listModel.add(model);
104         }
105         return listModel;
106     }
 
   
 
   
 
 
   
  3.String concatenation in loop using + operator
 
   
    a.Method concatenates strings using + in a loop
 
   
The method seems to be building a String using concatenation in a loop. In each iteration, the String is converted to a StringBuffer/StringBuilder, appended to, and converted back to a String. This can lead to a cost quadratic in the number of iterations, as the growing string is recopied in each iteration.
Better performance can be obtained by using a StringBuffer (or StringBuilder in Java 1.5) explicitly.
For example:
 // This is bad
 String s = "";
 for (int i = 0; i < field.length; ++i) {
 s = s + field[i];
 }
 
   
 // This is better
 StringBuffer buf = new StringBuffer();
 for (int i = 0; i < field.length; ++i) {
 buf.append(field[i]);
 }
 String s = buf.toString();
 
   
loop里面应该使用StringBuffer替换+号
 
   
 
    
 1 /**
 2    * 返回一个随机数
 3    *
 4    * @param i
 5    * @return
 6    */
 7   public static String getRandom(int i) {
 8     Random jjj = new Random();
 9     // int suiJiShu = jjj.nextInt(9);
10     if (i == 0)
11       return "";
12     String jj = "";
13     StringBuffer jj=new StringBuffer();
14     for (int k = 0; k < i; k++) {
15       jj = jj + jjj.nextInt(9);
16       jj.append(jjj.nextInt(9));
17     }
18     return jj;
19   }
 
   
 
   
 
 
   
  4.Questionable Boxing of primitive value
 
   
    a.Boxed value is unboxed and then immediately reboxed
 
   
A boxed value is unboxed and then immediately reboxed.
 
   
装箱的值被拆箱,然后立刻重新装箱了(三元运算符两个分支的返回类型保持一致)
 
   
 
    
 1 public final TaCustomerCharacter Create(TaMonthProfit profit) {
 2         TaCustomerCharacter customer = new TaCustomerCharacter();
 3         customer.setId(Util.CreateDbGUID());
 4         customer.setCreateTime(new Date());
 5         customer.setLastUpdateTime(new Date());
 6         customer.setCompanyName(profit.getCompanyName());
 7         customer.setCompanyNo(profit.getCompanyNo());
 8         customer.setCol007(profit.getSumProfit());
 9    customer.setCol008(profit.getGoodTimeRate() == 0 ? 100 : profit.getGoodTimeRate() );
10         customer.setCol008(profit.getGoodTimeRate() == 0 ? Double.valueOf(100) : profit.getGoodTimeRate() );
11         customer.setCol009(profit.getThisDayRate() == 0 ?100 : profit.getThisDayRate());
12         customer.setCol009(profit.getThisDayRate() == 0 ? Double.valueOf(100) : profit.getThisDayRate());
13         return customer;
14     }
 
   
 
   
 
 
   
    b.Boxing/unboxing to parse a pimitive
 
   
A boxed primitive is created from a String, just to extract the unboxed primitive value. It is more efficient to just call the static parseXXX method.
 
   
使用parseXXX效率会更高点
 
   
 
    
 1 private void GetLogisticsList(Map dic, String url, List response) {
 2         String res = OpenApi.request(url, dic);
 3         if (StringUtils.isNotBlank(res)) {
 4             KyeResponse> responseModel = JSONObject.parseObject(res,
 5                     new TypeReference>>() {
 6                     });
 7             if (responseModel.isFail())
 8                 return;
 9             if (responseModel.getData() == null || responseModel.getData().getRows() == null || responseModel.getData().getRows().size() == 0)
10                 return;
11 
12             List list = JSON.parseArray(JSON.toJSONString(responseModel.getData().getRows()),LogisticsXDResponseModel.class);
13             for (LogisticsXDResponseModel model : list) {
14                 response.add(LogisticsXDConverter.ToEntity(model));
15             }
16 
17             if (responseModel.getData().getPage() < responseModel.getData().getPageTotal()) {
18                 dic.put("page", Integer.valueOf(dic.get("page") + "") + 1); // 下一页递归
19                 dic.put("page", Integer.parseInt(dic.get("page").toString()) + 1); // 下一页递归
20                 GetLogisticsList(dic, url, response);
21             }
22         }
23     }
 
   
 
   
 
 
   
    c.Methiod allocates a boxed primitive just to call toString
 
   
A boxed primitive is allocated just to call toString(). It is more effective to just use the static form of toString which takes the primitive value. So,
Replace...
With this...
new Integer(1).toString()
Integer.toString(1)
new Long(1).toString()
Long.toString(1)
new Float(1.0).toString()
Float.toString(1.0)
new Double(1.0).toString()
Double.toString(1.0)
new Byte(1).toString()
Byte.toString(1)
new Short(1).toString()
Short.toString(1)
new Boolean(true).toString()
Boolean.toString(true)
 
   
使用.toString效率更高
 
   
 
    
1 if ((new Integer(TaExceptionTask.ExceptionType.Refuse.code)).toString()
2             if ((Integer.toString(TaExceptionTask.ExceptionType.Refuse.code))
3                     .equals(verExReq.getExceptionType())) {
4                 status = TaExceptionTask.EnumVerifyStatus.NoPenalty;
5                 iFlag = 2;
6                 logType = 0;
7             } 
 
   
 
   
 
 
   
    d.Method invokes inefficient Number constructor;use static valueOf instead
 
   
Using new Integer(int) is guaranteed to always result in a new object whereas Integer.valueOf(int) allows caching of values to be done by the compiler, class library, or JVM. Using of cached values avoids object allocation and the code will be faster.
Values between -128 and 127 are guaranteed to have corresponding cached instances and using valueOf is approximately 3.5 times faster than using constructor. For values outside the constant range the performance of both styles is the same.
Unless the class must be compatible with JVMs predating Java 1.5, use either autoboxing or the valueOf() method when creating instances of Long, Integer, Short, Character, and Byte.
 
   
使用new Integer(int)会产生新的对象,使用静态Integer.valueOf(int)会使用缓存避免对象分配,valueOf更加高效,
 
   
 
    
1 model.setExceptionStatus(exTask.getExceptionUploadStatus() == 0 ? ""
2                     : (new Integer(exTask.getExceptionUploadStatus()))+"");
3             model.setExceptionStatus(exTask.getExceptionUploadStatus() == 0 ? ""
4                     : (Integer.toString(exTask.getExceptionUploadStatus())));
 
   
 
   
 
 
   
  5.Inner class could be made static
 
   
    a.Should be a static inner class
 
   
This class is an inner class, but does not use its embedded reference to the object which created it.  This reference makes the instances of the class larger, and may keep the reference to the creator object alive longer than necessary.  If possible, the class should be made static.
 
   
应该是一个静态内部类
 
   
 
    
 1 private static class IntegerToEnumextends IntToEnumConverter> implements Converter {
 2 
 3         private final T[] values;
 4 
 5         public IntegerToEnum(Class targetType) {
 6             values = targetType.getEnumConstants();
 7         }
 8 
 9         @Override
10         public T convert(String source) {
11             for (T t : values) {
12                 if (((BaseEnum) t).getValue() == Integer.parseInt(source)) {
13                     return t;
14                 }
15             }
16             return null;
17         }
18     }
 
   
 
   
 
 
   
  6.Unread field should be static
 
   
    a.Unread field: should this field be static
 
   
This class contains an instance final field that is initialized to a compile-time static value. Consider making the field static.
 
   
未读取的属性:这个属性是否应该是static的?
 
   
 
    
1 private final static String defaultMapperName = "Converter";
 
   
 
   
 
 
   
  7.Unread field
 
   
    a.Unread field
 
   
This field is never read.  Consider removing it from the class.
 
   
未使用的属性,建议移除
 
   
七 Malicious code vulnerability(如果公开会被恶意攻击的代码)
 
   
  1.Mutable static field
 
   
    a.Field isn't final but should be
 
   
This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.
 
   
应该使用final修饰
 
   
 
 
   
    b.Public static method may expose internal representation
 
   
A public static method returns a reference to an array that is part of the static state of the class. Any code that calls this method can freely modify the underlying array. One fix is to return a copy of the array.
 
   
Public static方法可能因为返回了一个数组而暴露内部实现,可返回数组克隆
 
   
 
    
1 private static TaTask.EnumStatus[] privateNoAllowRedo;
2     public static TaTask.EnumStatus[] getNoAllowRedo()
3     {
4         return privateNoAllowRedo.clone();
5     }
 
   
 
   
 
 
   
    c.Field should be package protected
 
   
A mutable static field could be changed by malicious code or by accident. The field could be made package protected to avoid this vulnerability.
 
   
 属性应该是package protected
 
   
 
 
   
    d.Field is a mutable collection
 
   
A mutable collection instance is assigned to a final static field, thus can be changed by malicious code or by accident from another package. Consider wrapping this field into Collections.unmodifiableSet/List/Map/etc. to avoid this vulnerability.
 
   
如何设置一个static不可变集合,以及非静态的setter调用静态的setter方法给静态成员变量赋值。
 
   
 
    
 1 public static final java.util.HashMap ProvinceDicData = new java.util.HashMap();
 2     static {
 3         ProvinceDicData.put("津", 101);
 4         ProvinceDicData.put("冀", 102);
 5         ProvinceDicData.put("晋", 103);
 6         ProvinceDicData.put("蒙", 104);
 7         ProvinceDicData.put("辽", 105);
 8         ProvinceDicData.put("吉", 106);
 9         ProvinceDicData.put("黑", 107);
10         ProvinceDicData.put("沪", 108);
11         ProvinceDicData.put("苏", 109);
12         ProvinceDicData.put("浙", 110);
13         ProvinceDicData.put("皖", 111);
14         ProvinceDicData.put("闽", 112);
15         ProvinceDicData.put("赣", 113);
16         ProvinceDicData.put("鲁", 114);
17         ProvinceDicData.put("豫", 115);
18         ProvinceDicData.put("鄂", 116);
19         ProvinceDicData.put("湘", 117);
20         ProvinceDicData.put("粤", 118);
21         ProvinceDicData.put("桂", 119);
22         ProvinceDicData.put("琼", 120);
23         ProvinceDicData.put("渝", 121);
24         ProvinceDicData.put("川", 122);
25         ProvinceDicData.put("贵", 123);
26         ProvinceDicData.put("滇", 124);
27         ProvinceDicData.put("藏", 125);
28         ProvinceDicData.put("陕", 126);
29         ProvinceDicData.put("甘", 127);
30         ProvinceDicData.put("青", 128);
31         ProvinceDicData.put("宁", 129);
32         ProvinceDicData.put("新", 130);
33         ProvinceDicData.put("台", 131);
34         ProvinceDicData.put("港", 132);
35         ProvinceDicData.put("澳", 133);
36         ProvinceDicData.put("京", 134);
37         ProvinceDicData.put("云", 135);
38         ProvinceDicData.put("蜀", 136);
39         ProvinceDicData.put("黔", 137);
40         ProvinceDicData.put("秦", 138);
41         ProvinceDicData.put("陇", 139);
42     }
43     public static java.util.Map ProvinceDicData;
44     public void setProvinceDicData(java.util.Map map){this.setProvinceDicDataValue(map);}
45     public static void setProvinceDicDataValue(java.util.Map map)
46     {
47         Const.ProvinceDicData=map;
48     }
49     {
50         java.util.Map map= Maps.newHashMap();
51         map.put("津", 101);
52         map.put("冀", 102);
53         map.put("晋", 103);
54         map.put("蒙", 104);
55         map.put("辽", 105);
56         map.put("吉", 106);
57         map.put("黑", 107);
58         map.put("沪", 108);
59         map.put("苏", 109);
60         map.put("浙", 110);
61         map.put("皖", 111);
62         map.put("闽", 112);
63         map.put("赣", 113);
64         map.put("鲁", 114);
65         map.put("豫", 115);
66         map.put("鄂", 116);
67         map.put("湘", 117);
68         map.put("粤", 118);
69         map.put("桂", 119);
70         map.put("琼", 120);
71         map.put("渝", 121);
72         map.put("川", 122);
73         map.put("贵", 123);
74         map.put("滇", 124);
75         map.put("藏", 125);
76         map.put("陕", 126);
77         map.put("甘", 127);
78         map.put("青", 128);
79         map.put("宁", 129);
80         map.put("新", 130);
81         map.put("台", 131);
82         map.put("港", 132);
83         map.put("澳", 133);
84         map.put("京", 134);
85         map.put("云", 135);
86         map.put("蜀", 136);
87         map.put("黔", 137);
88         map.put("秦", 138);
89         map.put("陇", 139);
90         this.setProvinceDicData(Collections.unmodifiableMap(map));
91     }
 
   
 
   
 
 
   
    e.Field is a mutable collection which should be package protected
 
   
A mutable collection instance is assigned to a final static field, thus can be changed by malicious code or by accident from another package. The field could be made package protected to avoid this vulnerability. Alternatively you may wrap this field into Collections.unmodifiableSet/List/Map/etc. to avoid this vulnerability.
 
   
与d一致处理
 
   
  2.Storing reference to mutable object
 
   
    a.May expose internal representation by incorporating reference to mutable object(严重)
 
   
This code stores a reference to an externally mutable object into the internal representation of the object.  If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.
 
   
此代码将对外部可变对象的引用存储到对象的内部表示中。即外部代码值改变会引起对象值改变,涉及到引用传递值的问题。
 
   
测试代码:
 
   
 
    
1         LogisticsXDDispatchMessage2 logisticsXDDispatchMessage2=new LogisticsXDDispatchMessage2();
2         java.util.Date dt= new java.util.Date();
3         logisticsXDDispatchMessage2.setOrderTime(dt);
4         System.out.printf(logisticsXDDispatchMessage2.getOrderTime().toString()+"%n");
5         dt.setMonth(1);
6         System.out.printf(logisticsXDDispatchMessage2.getOrderTime().toString());
 
   
 
   
输出:
 
   
 
    
1 Fri Apr 19 16:01:18 CST 2019
2 Tue Feb 19 16:01:18 CST 2019
 
   
 
   
 
    
 1 public class LogisticsXDDispatchMessage2 implements Serializable {
 2         @JsonFormat(pattern="yyyy-MM-dd HH:mm:dd")
 3         private Date orderTime;
 4         public void setOrderTime(Date orderTime) {
 5              this.orderTime = (Date) orderTime.clone();
 6          }
 7          public Date getOrderTime() {
 8              return (Date) orderTime.clone();
 9          }
10 }
 
   
 
   
 
 
   
  3.Method returning array may expose internal representation
 
   
    a.May expose internal representation by returning reference to mutable object
 
   
Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object.  If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.
 
   
同2处理方式一致
 
   
 
 
   
参考:https://my.oschina.net/bairrfhoinn/blog/156200
 
   
  
转载于:https://www.cnblogs.com/wenthing/p/10736602.html
 
  

                            
                        
                    
                    
                    

                    
                    
                    

                
                

                    
                

            
        
    
    

        
你可能感兴趣的:(2.findbugs总结)

        

            

                
    
                    
  • OC语言多界面传值五大方式
                        Magnetic_h
iosui学习objective-c开发语言
                        
    前言在完成暑假仿写项目时,遇到了许多需要用到多界面传值的地方,这篇博客来总结一下比较常用的五种多界面传值的方式。属性传值属性传值一般用前一个界面向后一个界面传值,简单地说就是通过访问后一个视图控制器的属性来为它赋值,通过这个属性来做到从前一个界面向后一个界面传值。首先在后一个界面中定义属性@interfaceBViewController:UIViewController@propertyNSSt
    
                    
    • 
                    
  • 水平垂直居中的几种方法(总结)
                        LJ小番茄
CSS_玄学语言htmljavascript前端csscss3
                        
    1.使用flexbox的justify-content和align-items.parent{display:flex;justify-content:center;/*水平居中*/align-items:center;/*垂直居中*/height:100vh;/*需要指定高度*/}2.使用grid的place-items:center.parent{display:grid;place-item
    
                    
    • 
                    
  • 【一起学Rust | 设计模式】习惯语法——使用借用类型作为参数、格式化拼接字符串、构造函数
                        广龙宇
一起学Rust#Rust设计模式rust设计模式开发语言
                        
    提示:文章写完后,目录可以自动生成,如何生成可参考右边的帮助文档文章目录前言一、使用借用类型作为参数二、格式化拼接字符串三、使用构造函数总结前言Rust不是传统的面向对象编程语言,它的所有特性,使其独一无二。因此,学习特定于Rust的设计模式是必要的。本系列文章为作者学习《Rust设计模式》的学习笔记以及自己的见解。因此,本系列文章的结构也与此书的结构相同(后续可能会调成结构),基本上分为三个部分
    
                    
    • 
                    
  • 关于提高复杂业务逻辑代码可读性的思考
                        编程经验分享
开发经验java数据库开发语言
                        
    目录前言需求场景常规写法拆分方法领域对象总结前言实际工作中大部分时间都是在写业务逻辑,一般都是三层架构,表示层(Controller)接收客户端请求,并对入参做检验,业务逻辑层(Service)负责处理业务逻辑,一般开发都是在这一层中写具体的业务逻辑。数据访问层(Dao)是直接和数据库交互的,用于查数据给业务逻辑层,或者是将业务逻辑层处理后的数据写入数据库。简单的增删改查接口不用多说,基本上写好一
    
                    
    • 
                    
  • 拥有断舍离的心态,过精简生活--《断舍离》读书笔记
                        爱吃丸子的小樱桃

                        
    不知不觉间房间里的东西越来越多,虽然摆放整齐,但也时常会觉得空间逼仄,令人心生烦闷。抱着断舍离的态度,我开始阅读《断舍离》这本书,希望从书中能找到一些有效的方法,帮助我实现空间、物品上的断舍离。《断舍离》是日本作家山下英子通过自己的经历、思考和实践总结而成的,整体内涵也从刚开始的私人生活哲学的“断舍离”升华成了“人生实践哲学”,接着又成为每个人都能实行的“改变人生的断舍离”,从“哲学”逐渐升华成“
    
                    
    • 
                    
  • 每日算法&面试题,大厂特训二十八天——第二十天(树)
                        肥学
⚡算法题⚡面试题每日精进java算法数据结构
                        
    目录标题导读算法特训二十八天面试题点击直接资料领取导读肥友们为了更好的去帮助新同学适应算法和面试题,最近我们开始进行专项突击一步一步来。上一期我们完成了动态规划二十一天现在我们进行下一项对各类算法进行二十八天的一个小总结。还在等什么快来一起肥学进行二十八天挑战吧!!特别介绍小白练手专栏,适合刚入手的新人欢迎订阅编程小白进阶python有趣练手项目里面包括了像《机器人尬聊》《恶搞程序》这样的有趣文章
    
                    
    • 
                    
  • 阶段总结反思
                        轻争

                        
    马上就要进入10月份了,今天做一下前段时间的总结和反思。前段时间,日更、英语、健身、护肤坚持的比较好。阅读、书法坚持的不好。1.中间被迫停更半个多月,其余时间一直在坚持日更挑战。偶尔也有不想写的时候,就做一下摘抄。因为阅读(输入)没跟上来,所以写作(输出)质量有待进一步加强。2.英语做到了一周至少学习5天,每次不少于30分钟,但是小班课没有跟上更新速度,下一步要争取利用零碎时间补听小班课。3.减肥
    
                    
    • 
                    
  • 【华为OD技术面试真题 - 技术面】- python八股文真题题库(4)
                        算法大师
华为od面试python
                        
    华为OD面试真题精选专栏:华为OD面试真题精选目录:2024华为OD面试手撕代码真题目录以及八股文真题目录文章目录华为OD面试真题精选**1.Python中的`with`**用途和功能自动资源管理示例:文件操作上下文管理协议示例代码工作流程解析优点2.\_\_new\_\_和**\_\_init\_\_**区别__new____init__区别总结3.**切片(Slicing)操作**基本切片语法
    
                    
    • 
                    
  • Python爬虫解析工具之xpath使用详解
                        eqa11
python爬虫开发语言
                        
    文章目录Python爬虫解析工具之xpath使用详解一、引言二、环境准备1、插件安装2、依赖库安装三、xpath语法详解1、路径表达式2、通配符3、谓语4、常用函数四、xpath在Python代码中的使用1、文档树的创建2、使用xpath表达式3、获取元素内容和属性五、总结Python爬虫解析工具之xpath使用详解一、引言在Python爬虫开发中,数据提取是一个至关重要的环节。xpath作为一门
    
                    
    • 
                    
  • 主题升华随机抽总结
                        木棉咕噜

                        
    昨天晚上在火山灿教练那里抽了主题升华最后一关。一共抽了两个故事,现总结如下。第一个故事是《并不是你想象的那样》。主题一:有时候,面对别人一些貌似不合常情的行为,不要轻易的指责他,也许背后有我们所不知道的原因。在这一个主题里面,刚开始的时候,我没有加上貌似二字。所以就没有改动之后这么精准。主题二:有时候我们对他人善意的行为,可能会给我们带来一些意外的回报。主题三:面对同样一件事,因为不同的人看待问题
    
                    
    • 
                    
  • 【无标题】达瓦达瓦
                        JhonKI
考研
                        
    博客主页:https://blog.csdn.net/2301_779549673欢迎点赞收藏⭐留言如有错误敬请指正!本文由JohnKi原创,首发于CSDN未来很长,值得我们全力奔赴更美好的生活✨文章目录前言111️‍111❤️111111111111111总结111前言111骗骗流量券,嘿嘿111111111111111111111111111️‍111❤️111111111111111总结11
    
                    
    • 
                    
  • 上图为是否色发
                        JhonKI
考研
                        
    博客主页:https://blog.csdn.net/2301_779549673欢迎点赞收藏⭐留言如有错误敬请指正!本文由JohnKi原创,首发于CSDN未来很长,值得我们全力奔赴更美好的生活✨文章目录前言111️‍111❤️111111111111111总结111前言111骗骗流量券,嘿嘿111111111111111111111111111️‍111❤️111111111111111总结11
    
                    
    • 
                    
  • 143234234123432
                        JhonKI
考研
                        
    博客主页:https://blog.csdn.net/2301_779549673欢迎点赞收藏⭐留言如有错误敬请指正!本文由JohnKi原创,首发于CSDN未来很长,值得我们全力奔赴更美好的生活✨文章目录前言111️‍111❤️111111111111111总结111前言111骗骗流量券,嘿嘿111111111111111111111111111️‍111❤️111111111111111总结11
    
                    
    • 
                    
  • 1分钟解决 -bash: mvn: command not found,在Centos 7中安装Maven
                        Energet!c
开发语言
                        
    1分钟解决-bash:mvn:commandnotfound,在Centos7中安装Maven检查Java环境1下载Maven2解压Maven3配置环境变量4验证安装5常见问题与注意事项6总结检查Java环境Maven依赖Java环境,请确保系统已经安装了Java并配置了环境变量。可以通过以下命令检查:java-version如果未安装,请先安装Java。1下载Maven从官网下载:前往Apach
    
                    
    • 
                    
  • CentOS的根目录下,/bin 和 /sbin 用途和权限
                        Energet!c
Linux日常centoslinux运维
                        
    CentOS的根目录下,/bin和/sbin用途和权限一、/bin(Binary)二、/sbin(SystemBinary)三、总结在CentOS的根目录下,/bin和/sbin目录有不同的用途和权限一、/bin(Binary)用途:存放系统的基本命令,这些命令对所有用户都是可用的。例如:ls、cp、mv、rm等。权限:普通用户和系统管理员都可以使用这些命令。二、/sbin(SystemBinar
    
                    
    • 
                    
  • linux 发展史
                        种树的猴子
内核java操作系统linux大数据
                        
    linux发展史说明此前对linux认识模糊一知半解,近期通过学习将自己对于linux的发展总结一下方便大家日后的学习。那Linux是目前一款非常火热的开源操作系统,可是linux是什么时候出现的,又是因为什么样的原因被开发出来的呢。以下将对linux的发展历程进行详细的讲解。目录一、Linux发展背景二、UINIX的诞生三、UNIX的重要分支-BSD的诞生四、Minix的诞生五、GNU与Free
    
                    
    • 
                    
  • 又到年末
                        伊人微语

                        
    今天,工作群里,各个部门开始提醒老师们上交各种期末总结资料,才蓦然感觉这个学期已接近尾声,才意识到2022即将过去,新的一年的脚步声已经越来越近不由得生阳一些感慨。年纪大了,感觉到每个日子都是“倏”地一声就过去了,来不及思量,来不及回顾,一年就这么过去了。我常常想,为什么会有这样的感觉呢?年轻时候的每一天是24小时,现在的每一天也不曾少过一分钟,为什么就会感觉到它的脚步越来越快呢?后来我想明白了,
    
                    
    • 
                    
  • 大都会资本BMAN的2018年终总结
                        非线性思考

                        
    1投资的本质是认知变现赚钱=足够的认知*高效的的变现。2投资的三大基石策略:提升认知高效变现知行合一3如果你亏钱了要么是认知的问题,要么是变现的问题,要么而是知行合一的问题。4投资需要知行合一,很简单的道理,却拦住了很多高手,是因为认知和行动中间还隔着人性。顶级的高手能把自己从贪嗔痴中抽离出来,顶级高手没有人性,只有原则。5如果你玩的是空气币,就不要幻想拿着它改变世界,那是你套出了幻觉,眼光放短一
    
                    
    • 
                    
  • 2024.9.6 Python,华为笔试题总结,字符串格式化,字符串操作,广度优先搜索解决公司组织绩效互评问题,无向图
                        RaidenQ
python华为leetcode算法力扣广度优先无向图
                        
    1.字符串格式化name="Alice"age=30formatted_string="Name:{},Age:{}".format(name,age)print(formatted_string)或者name="Alice"age=30formatted_string=f"Name:{name},Age:{age}"print(formatted_string)2.网络健康检查第一行有两个整数m
    
                    
    • 
                    
  • android 更改窗口的层次,浮窗开发之窗口层级
                        Ms.Bu
android更改窗口的层次
                        
    最近在项目中遇到了这样的需求:需要在特定的其他应用之上悬浮自己的UI交互(拖动、输入等复杂的UI交互),和九游的浮窗类似,不过我们的比九游的体验更好,我们越过了很多授权的限制。浮窗效果很多人都知道如何去实现一个简单的浮窗,但是却很少有人去深入的研究背后的流程机制,由于项目中浮窗交互比较复杂,遇到了些坑查看了很多资料,故总结浮窗涉及到的知识点:窗口层级关系(浮窗是如何“浮”的)?浮窗有哪些限制,如何
    
                    
    • 
                    
  • Python入门之Lesson2:Python基础语法
                        小熊同学哦
Python入门课程python开发语言算法数据结构青少年编程
                        
    目录前言一.介绍1.变量和数据类型2.常见运算符3.输入输出4.条件语句5.循环结构二.练习三.总结前言欢迎来到《Python入门》系列博客的第二课。在上一课中,我们了解了Python的安装及运行环境的配置。在这一课中,我们将深入学习Python的基础语法,这是编写Python代码的根基。通过本节内容的学习,你将掌握变量、数据类型、运算符、输入输出、条件语句等Python编程的基础知识。一.介绍1
    
                    
    • 
                    
  • Android应用性能优化
                        轻口味
Android
                        
    Android手机由于其本身的后台机制和硬件特点,性能上一直被诟病,所以软件开发者对软件本身的性能优化就显得尤为重要;本文将对Android开发过程中性能优化的各个方面做一个回顾与总结。Cache优化ListView缓存:ListView中有一个回收器,Item滑出界面的时候View会回收到这里,需要显示新的Item的时候,就尽量重用回收器里面的View;每次在getView函数中inflate新
    
                    
    • 
                    
  • 高考后该不该给孩子买电脑,什么情况能买?什么情况不能买?
                        寻求改变

                        
    我知道家长们很担心,怕买了电脑小孩沉迷游戏,耽误了学业,也不利于身体健康。对于准大学生来说,基本上在18岁左右,也不算小了,但在很多父母眼里,依旧是个小孩子。数据显示,这种情况是有发生的,大学生约70%的电脑主要被用于玩网络游戏,如果没有养成一个用良好的习惯,对孩子影响是非常大的。我总结为三买,三不买。最近有看到群里很多家长再问,小孩上大学该不该给他买电脑,要买和不买两种观点的家长都有,那么哪种情
    
                    
    • 
                    
  • 放松的一天
                        4da9b7687fa0

                        
    20190325总结起床07:20图片发自App睡觉:23:00天气:晴今日任务清单学习·信息·阅读•水滴阅读Day40Alice’sAdventuresinWonderlandChapter6.2图片发自App•BBC跟读训练营Day24图片发自App图片发自App图片发自App•潘多拉口语训练营Day6Wow.Whatabigboy!•文化知识学习今日无•阅读时间地狱健康·饮食·锻炼•饮食目标
    
                    
    • 
                    
  • 4 大低成本娱乐方式: 小说, 音乐, 视频, 电子游戏
                        穷人小水滴
娱乐音视频低成本小说游戏
                        
    穷人如何获得快乐?小说,音乐,视频,游戏,本文简单盘点一下这4大低成本(安全)娱乐方式.这里是穷人小水滴,专注于穷人友好型低成本技术.(本文为58号作品.)目录1娱乐方式1.1小说(网络小说)1.2音乐1.3视频(b站)1.4游戏(电子游戏/计算机软件)2低成本:一只手机即可3总结与展望1娱乐方式这几种,也可以说是艺术的具体形式.更专业的说,(娱乐)是劳动力再生产的重要组成部分.使人放松,获得快乐
    
                    
    • 
                    
  • 计算机网络八股总结
                        Petrichorzncu
八股总结计算机网络笔记
                        
    这里写目录标题网络模型划分(五层和七层)及每一层的功能五层网络模型七层网络模型(OSI模型)==三次握手和四次挥手具体过程及原因==三次握手四次挥手TCP/IP协议组成==UDP协议与TCP/IP协议的区别==Http协议相关知识网络地址,子网掩码等相关计算网络模型划分(五层和七层)及每一层的功能五层网络模型应用层:负责处理网络应用程序,如电子邮件、文件传输和网页浏览。主要协议包括HTTP、FTP
    
                    
    • 
                    
  • 【树一线性代数】005入门
                        Owlet_woodBird
算法
                        
    Index本文稍后补全,推荐阅读:https://blog.csdn.net/weixin_60702024/article/details/141874376分析实现总结本文稍后补全,推荐阅读:https://blog.csdn.net/weixin_60702024/article/details/141874376已知非空二叉树T的结点值均为正整数,采用顺序存储方式保存,数据结构定义如下:t
    
                    
    • 
                    
  • 今天是总结
                        薛帅

                        
    今天来个最后一天的总结。为什么要学习写作技巧呢?就如同建房子,如果想要住的安全、舒服,我们要先打地基,建房子的框架,这样才能随意的装修。那么我们要怎么建好才能建好写作的地基呢?1走直路,少弯路01利他:能够给别人带来价值。02吸引:吸住读者的眼球。03打动:打动人心,引起共鸣。04说服:用数据说话。05刻意:通过有意识的训练。06修改:好的文章至上修改10遍。07模仿:10万+的文章必有成功的道理
    
                    
    • 
                    
  • 2021年周总结 03
                        Ruby之家

                        
    这周的生活过得也是比较快,因为暂时住的离公司有点距离,所以通勤时间相对较长一点,而在地铁上的一个半小时如何充分利用起来,则是我最近一直在思考的问题,2021年想让自己的生活都运行在计划中。(有时候自己想干一件事情就总是给自己找很多借口,想着以后怎么怎么样?然而哪有那么多的以后,能够方便当下的工作生活就立马执行就OK,这仅仅只是我此时想到背的很重的老人机笔记本电脑,也算是陪伴我快8年的—当时买的时候
    
                    
    • 
                    
  • 2022-05-10
                        6d27355807f4

                        
    2022年5月10月《儿童纪律教育》培训总结---翟少静春蕾四幼给孩子自由是指在思想上给孩子自由,而管孩子是指在行为规范上管孩子。这二者的关系不仅不对立,而且需要相互配合。给孩子自由并不是让孩子想做什么就做什么,而是允许孩子思考自己行为的原因,思考各种可能性及后果,培养孩子对自我的清楚认识和思考的全面性。管孩子也不是让孩子什么都按照父母的标准去做,而是教孩子思考、寻找行为的现实性,培养孩子的责任感
    
                    
    • 
                                
  • springmvc 下 freemarker页面枚举的遍历输出
                                    杨白白
enumfreemarker
                                    
    spring mvc freemarker 中遍历枚举 
 
1枚举类型有一个本地方法叫values(),这个方法可以直接返回枚举数组。所以可以利用这个遍历。 
 

enum

public enum BooleanEnum {  
    TRUE(Boolean.TRUE, "是"), FALSE(Boolean.FALSE, "否");  

    
                                
    • 
                                
  • 实习简要总结
                                    byalias
工作
                                    
    来白虹不知不觉中已经一个多月了,因为项目还在需求分析及项目架构阶段,自己在这段 
时间都是在学习相关技术知识,现在对这段时间的工作及学习情况做一个总结: 
 
(1)工作技能方面 
大体分为两个阶段,Java Web 基础阶段和Java EE阶段 
 
1)Java Web阶段 
在这个阶段,自己主要着重学习了 JSP, Servlet, JDBC, MySQL,这些知识的核心点都过 
了一遍,也
    
                                
    • 
                                
  • Quartz——DateIntervalTrigger触发器
                                    eksliang
quartz
                                    
    转载请出自出处:http://eksliang.iteye.com/blog/2208559 一.概述 
simpleTrigger 内部实现机制是通过计算间隔时间来计算下次的执行时间,这就导致他有不适合调度的定时任务。例如我们想每天的 1:00AM 执行任务,如果使用 SimpleTrigger,间隔时间就是一天。注意这里就会有一个问题,即当有 misfired 的任务并且恢复执行时,该执行时间
    
                                
    • 
                                
  • Unix快捷键
                                    18289753290
unixUnix;快捷键;
                                    
    复制,删除,粘贴: 
dd:删除光标所在的行                             &nbs
    
                                
    • 
                                
  • 获取Android设备屏幕的相关参数
                                    酷的飞上天空
android
                                    
    包含屏幕的分辨率  以及 屏幕宽度的最大dp 高度最大dp   
  
        TextView text = (TextView)findViewById(R.id.text);
        DisplayMetrics dm = new DisplayMetrics();
        text.append("getResources().ge
    
                                
    • 
                                
  • 要做物联网?先保护好你的数据
                                    蓝儿唯美
数据
                                    
    根据Beecham Research的说法,那些在行业中希望利用物联网的关键领域需要提供更好的安全性。 
在Beecham的物联网安全威胁图谱上,展示了那些可能产生内外部攻击并且需要通过快速发展的物联网行业加以解决的关键领域。 
Beecham Research的技术主管Jon Howes说:“之所以我们目前还没有看到与物联网相关的严重安全事件,是因为目前还没有在大型客户和企业应用中进行部署,也就
    
                                
    • 
                                
  • Java取模(求余)运算
                                    随便小屋
java
                                    
            整数之间的取模求余运算很好求,但几乎没有遇到过对负数进行取模求余,直接看下面代码: 
/**
 * 
 * @author Logic
 *
 */
public class Test {

	public static void main(String[] args) {
		// TODO A
    
                                
    • 
                                
  • SQL注入介绍
                                    aijuans
sql注入
                                    
    二、SQL注入范例 
  
 这里我们根据用户登录页面 
  <form action="" > 用户名:<input type="text" name="username"><br/> 密 码:<input type="password" name="passwor
    
                                
    • 
                                
  • 优雅代码风格
                                    aoyouzi
代码
                                    
    总结了几点关于优雅代码风格的描述: 
 
 代码简单:不隐藏设计者的意图,抽象干净利落,控制语句直截了当。 
 接口清晰:类型接口表现力直白,字面表达含义,API 相互呼应以增强可测试性。 
 依赖项少:依赖关系越少越好,依赖少证明内聚程度高,低耦合利于自动测试,便于重构。 
 没有重复:重复代码意味着某些概念或想法没有在代码中良好的体现,及时重构消除重复。 
 战术分层:代码分层清晰,隔离明确,
    
                                
    • 
                                
  • 布尔数组
                                    百合不是茶
java布尔数组
                                    
      
androi中提到了布尔数组; 
  
布尔数组默认的是false,  并且只会打印false或者是true 
  
布尔数组的例子;  根据字符数组创建布尔数组 
		char[] c = {'p','u','b','l','i','c'};
		//根据字符数组的长度创建布尔数组的个数
		boolean[] b = new bool
    
                                
    • 
                                
  • web.xml之welcome-file-list、error-page
                                    bijian1013
javaweb.xmlservleterror-page
                                    
    welcome-file-list 
1.定义: 
<welcome-file-list>
    <welcome-file>login.jsp</welcome>
</welcome-file-list> 
 2.作用:用来指定WEB应用首页名称。 
  
error-page1.定义: 
<error-page&g
    
                                
    • 
                                
  • richfaces 4 fileUpload组件删除上传的文件
                                    sunjing
clearRichfaces 4fileupload
                                    
     页面代码       
        <h:form id="fileForm">            <rich:
    
                                
    • 
                                
  • 技术文章备忘
                                    bit1129
技术文章
                                    
    Zookeeper 
http://wenku.baidu.com/view/bab171ffaef8941ea76e05b8.html 
http://wenku.baidu.com/link?url=8thAIwFTnPh2KL2b0p1V7XSgmF9ZEFgw4V_MkIpA9j8BX2rDQMPgK5l3wcs9oBTxeekOnm5P3BK8c6K2DWynq9nfUCkRlTt9uV
    
                                
    • 
                                
  • org.hibernate.hql.ast.QuerySyntaxException: unexpected token: on near line 1解决方案
                                    白糖_
Hibernate
                                    
    文章摘自:http://blog.csdn.net/yangwawa19870921/article/details/7553181 
  
在编写HQL时,可能会出现这种代码: 
  
select a.name,b.age from TableA a left join TableB b on a.id=b.id 
 如果这是HQL,那么这段代码就是错误的,因为HQL不支持
    
                                
    • 
                                
  • sqlserver按照字段内容进行排序
                                    bozch
按照内容排序
                                    
    在做项目的时候,遇到了这样的一个需求: 
          从数据库中取出的数据集,首先要将某个数据或者多个数据按照地段内容放到前面显示,例如:从学生表中取出姓李的放到数据集的前面; 
         select * fro
    
                                
    • 
                                
  • 编程珠玑-第一章-位图排序
                                    bylijinnan
java编程珠玑
                                    
    

import java.io.BufferedWriter;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.io.Writer;
import java.util.Random;

public class BitMapSearch {

  
    
                                
    • 
                                
  • Java关于==和equals
                                    chenbowen00
java
                                    
    关于==和equals概念其实很简单,一个是比较内存地址是否相同,一个比较的是值内容是否相同。虽然理解上不难,但是有时存在一些理解误区,如下情况: 
1、 
 
String a = "aaa"; 
a=="aaa"; 
==> true 
2、 
 
new String("aaa")==new String("aaa
    
                                
    • 
                                
  • [IT与资本]软件行业需对外界投资热情保持警惕
                                    comsci
it
                                    
     
      我还是那个看法,软件行业需要增强内生动力,尽量依靠自有资金和营业收入来进行经营,避免在资本市场上经受各种不同类型的风险,为企业自主研发核心技术和产品提供稳定,温和的外部环境... 
 
      如果我们在自己尚未掌握核心技术之前,企图依靠上市来筹集资金,然后使劲往某个领域砸钱,然
    
                                
    • 
                                
  • oracle 数据块结构
                                    daizj
oracle数据块块结构行目录
                                    
    oracle 数据块是数据库存储的最小单位,一般为操作系统块的N倍。其结构为: 
 
块头--〉空行--〉数据,其实际为纵行结构。 
 
块的标准大小由初始化参数DB_BLOCK_SIZE指定。具有标准大小的块称为标准块(Standard Block)。块的大小和标准块的大小不同的块叫非标准块(Nonstandard Block)。同一数据库中,Oracle9i及以上版本支持同一数据库中同时使用标
    
                                
    • 
                                
  • github上一些觉得对自己工作有用的项目收集
                                    dengkane
github
                                    
    github上一些觉得对自己工作有用的项目收集  
   
技能类 
 
 markdown语法中文说明 
  
回到顶部 
   
全文检索 
 
  elasticsearch  
  bigdesk elasticsearch管理插件  
  
回到顶部 
   
nosql 
 
  mapdb 支持亿级别map, list, 支持事务. 可考虑做为缓存使用  
  C
    
                                
    • 
                                
  • 初二上学期难记单词二
                                    dcj3sjt126com
englishword
                                    
    dangerous 危险的 
panda 熊猫 
lion 狮子 
elephant 象 
monkey 猴子 
tiger 老虎 
deer 鹿 
snake 蛇 
rabbit 兔子 
duck 鸭 
horse 马 
forest 森林 
fall 跌倒;落下 
climb 爬;攀登 
finish 完成;结束 
cinema 电影院;电影 
seafood 海鲜;海产食品 
bank 银行
    
                                
    • 
                                
  • 8、mysql外键(FOREIGN KEY)的简单使用
                                    dcj3sjt126com
mysql
                                    
    一、基本概念 
1、MySQL中“键”和“索引”的定义相同,所以外键和主键一样也是索引的一种。不同的是MySQL会自动为所有表的主键进行索引,但是外键字段必须由用户进行明确的索引。用于外键关系的字段必须在所有的参照表中进行明确地索引,InnoDB不能自动地创建索引。 
2、外键可以是一对一的,一个表的记录只能与另一个表的一条记录连接,或者是一对多的,一个表的记录与另一个表的多条记录连接。 
3、如
    
                                
    • 
                                
  • java循环标签 Foreach
                                    shuizhaosi888
标签java循环foreach
                                    
    1. 简单的for循环 
	public static void main(String[] args) {
		for (int i = 1, y = i + 10; i < 5 && y < 12; i++, y = i * 2) {

			System.err.println("i=" + i + "    y=" 
    
                                
    • 
                                
  • Spring Security(05)——异常信息本地化
                                    234390216
exceptionSpring Security异常信息本地化
                                    
    异常信息本地化 
  
       Spring Security支持将展现给终端用户看的异常信息本地化,这些信息包括认证失败、访问被拒绝等。而对于展现给开发者看的异常信息和日志信息(如配置错误)则是不能够进行本地化的,它们是以英文硬编码在Spring Security的代码中的。在Spring-Security-core-x
    
                                
    • 
                                
  • DUBBO架构服务端告警Failed to send message Response
                                    javamingtingzhao
架构DUBBO
                                    
     废话不多说,警告日志如下,不知道有哪位遇到过,此异常在服务端抛出(服务器启动第一次运行会有这个警告),后续运行没问题,找了好久真心不知道哪里错了。 
  
 WARN 2015-07-18 22:31:15,272 com.alibaba.dubbo.remoting.transport.dispatcher.ChannelEventRunnable.run(84)
    
                                
    • 
                                
  • JS中Date对象中几个用法
                                    leeqq
JavaScriptDate最后一天
                                    
    近来工作中遇到这样的两个需求 
1. 给个Date对象,找出该时间所在月的第一天和最后一天 
2. 给个Date对象,找出该时间所在周的第一天和最后一天 
  
需求1中的找月第一天很简单,我记得api中有setDate方法可以使用 
使用setDate方法前,先看看getDate 
var date = new Date();
console.log(date);
// Sat J
    
                                
    • 
                                
  • MFC中使用ado技术操作数据库
                                    你不认识的休道人
sqlmfc
                                    
    1.在stdafx.h中导入ado动态链接库 
 
#import"C:\Program Files\Common Files\System\ado\msado15.dll" no_namespace rename("EOF","end")2.在CTestApp文件的InitInstance()函数中domodal之前写::CoIniti
    
                                
    • 
                                
  • Android Studio加速
                                    rensanning
android studio
                                    
    Android Studio慢、吃内存!启动时后会立即通过Gradle来sync & build工程。 
 
 
(1)设置Android Studio 
a) 禁用插件 
File -> Settings...  Plugins 去掉一些没有用的插件。 
比如:Git Integration、GitHub、Google Cloud Testing、Google Cloud
    
                                
    • 
                                
  • 各数据库的批量Update操作
                                    tomcat_oracle
javaoraclesqlmysqlsqlite
                                    
    MyBatis的update元素的用法与insert元素基本相同,因此本篇不打算重复了。本篇仅记录批量update操作的 
sql语句,懂得SQL语句,那么MyBatis部分的操作就简单了。     注意:下列批量更新语句都是作为一个事务整体执行,要不全部成功,要不全部回滚。   
MSSQL的SQL语句   
 WITH R AS(
  SELECT 'John' as name, 18 as
    
                                
    • 
                                
  • html禁止清除input文本输入缓存
                                    xp9802
input
                                    
    多数浏览器默认会缓存input的值,只有使用ctl+F5强制刷新的才可以清除缓存记录。如果不想让浏览器缓存input的值,有2种方法: 
方法一: 在不想使用缓存的input中添加 autocomplete="off"; eg: <input type="text" autocomplete="off" name
    
                                
    •