Fortify analysis translation 2

2008-08-27 15:01:04 / Category: Fortify

http://user.qzone.qq.com/281696143/blog  Ronger
4. Poor error handling: Empty catch block (structural):
4.1.BizElementMapping.java
    } catch (BizException e) {}
4.2.Ignoring an exception can cause the program
to overlook unexpected states and conditions.
4.3.EXPLANATION
Just about every serious attack on a software system
begins with the violation of a programmer's assumptions.
After the attack, the programmer's assumptions seem flimsy and poorly founded,
but before an attack many programmers would defend their assumptions
well past the end of their lunch break.
Two dubious assumptions that are easy to spot in code are
"this method call can never fail" and "it doesn't matter if this call fails".
When a programmer ignores an exception,
they implicitly state that they are operating under one of these assumptions.
Example 1: The following code excerpt ignores a rarely-thrown exception from doExchange().
try {
  doExchange();
}
catch (RareException e) {
  // this can never happen
}
If a RareException were to ever be thrown,
the program would continue to execute as though nothing unusual had occurred.
The program records no evidence indicating the special situation,
potentially frustrating any later attempt to explain the program's behavior.
4.4.RECOMMENDATIONS
At a minimum,
log the fact that the exception was thrown
so that it will be possible to come back later
and make sense of the resulting program behavior.
Better yet, abort the current operation.
If the exception is being ignored
because the caller cannot properly handle it
but the context makes it inconvenient or impossible for the caller to declare
that it throws the exception itself,
consider throwing a RuntimeException or an Error,
both of which are unchecked exceptions. As of JDK 1.4,
RuntimeException has a constructor that makes it easy to wrap another exception.
Example 2: The code in Example 1 could be rewritten in the following way:
try {
  doExchange();
}
catch (RareException e) {
  throw new RuntimeException("This can never happen", e);
}
4.5.TIPS
There are rare types of exceptions that can be discarded in some contexts.
For instance, Thread.sleep() throws InterruptedException,
and in many situations the program should behave the same way
whether or not it was awoken prematurely.
Even then, the usual practice in library code is to call Thread.currentThread().interrupt()
inside the catch block, so that the interrupt status is preserved for callers that do care about it.
  try {
    Thread.sleep(1000);
  }
  catch (InterruptedException e){
    // The thread has been woken up prematurely, but its
    // behavior should be the same either way.
  }
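The following is an added example, not code from the original page or from Fortify's own documentation. It puts the empty catch block of Example 1 beside the rewrite of Example 2 in a small hypothetical transfer routine so the cost of the silent version is visible: the caller is told the transfer succeeded although nothing was debited. The names doExchange(), ExchangeException (standing in for RareException), the balance field and the amounts are all assumptions made for illustration. Messages go through java.util.logging rather than log4j so that the class compiles with no extra dependency, which also follows the advice in section 5 below to log through a logging facility instead of System.out.

```java
import java.util.logging.Level;
import java.util.logging.Logger;

// Added example, not from the original page or from Fortify.
// A hypothetical transfer service: doExchange() stands in for the page's
// doExchange(), ExchangeException for its RareException.
public class EmptyCatchDemo {
    private static final Logger LOG = Logger.getLogger(EmptyCatchDemo.class.getName());

    // Hypothetical checked exception (an assumption, like the page's RareException).
    static class ExchangeException extends Exception {
        ExchangeException(String message) { super(message); }
    }

    // Hypothetical account state for the demonstration.
    private static int balance = 100;

    // Hypothetical operation: debits the balance, or fails when funds are short.
    static void doExchange(int amount) throws ExchangeException {
        if (amount > balance) {
            throw new ExchangeException("insufficient funds: " + amount + " > " + balance);
        }
        balance -= amount;
    }

    // BEFORE (the pattern Fortify flags): the exception is swallowed, no record
    // is kept, and the caller is told the transfer went through.
    static boolean transferSilently(int amount) {
        try {
            doExchange(amount);
        } catch (ExchangeException e) {
            // this can never happen
        }
        return true; // wrong whenever doExchange() threw
    }

    // AFTER (the page's recommendation): log the event with its stack trace,
    // then abort the operation by wrapping the checked exception in an unchecked
    // one through the RuntimeException(String, Throwable) constructor.
    static boolean transferChecked(int amount) {
        try {
            doExchange(amount);
        } catch (ExchangeException e) {
            LOG.log(Level.SEVERE, "exchange failed for amount " + amount, e);
            throw new RuntimeException("exchange failed", e);
        }
        return true;
    }

    public static void main(String[] args) {
        // Silent version: reports success although the balance never changed.
        boolean ok = transferSilently(500);
        LOG.info("silent transfer reported " + ok + ", balance still " + balance);

        // Checked version: the caller sees the failure and its cause.
        try {
            transferChecked(500);
        } catch (RuntimeException e) {
            LOG.info("checked transfer aborted: " + e.getCause().getMessage());
        }
    }
}
```

Run it with `javac EmptyCatchDemo.java && java EmptyCatchDemo`. The first log line shows the silent path returning true with the balance untouched; the second shows the abort, and the SEVERE record in between carries the original exception, which is the evidence the page says an empty catch block throws away.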
5. Poor logging practice: Use of a system output stream (structural):
5.1.BizElementMapping.java
    System.out.println("----"+s[i]);
5.2.Using System.out or System.err rather than a dedicated logging facility
makes it difficult to monitor the behavior of the program...
In short, use a single logging facility consistently.
5.3.EXPLANATION
Example 1: The first Java program that a developer learns to write often looks like this:
public class MyClass {
  public static void main(String[] args) {
    System.out.println("hello world");
  }
}
While most programmers go on to learn many nuances and subtleties about Java,
a surprising number hang on to this first lesson
and never give up on writing messages to standard output using System.out.println().
The problem is that writing directly to standard output or standard error
is often used as an unstructured form of logging.
Structured logging facilities provide features like logging levels,
uniform formatting, a logger identifier, timestamps, and, perhaps most critically,
the ability to direct the log messages to the right place.
When the use of system output streams is jumbled together with the code
that uses loggers properly,
the result is often a well-kept log that is missing critical information.
Developers widely accept the need for structured logging,
but many continue to use system output streams in their "pre-production" development.
If the code you are reviewing is past the initial phases of development,
use of System.out or System.err
may indicate an oversight in the move to a structured logging system.
5.4.RECOMMENDATIONS
Use a Java logging facility rather than System.out or System.err.
Example 2: For example, the "hello world" program above can be re-written using log4j like this:
import org.apache.log4j.Logger;
import org.apache.log4j.BasicConfigurator;
public class MyClass {
  private final static Logger logger = Logger.getLogger(MyClass.class);
  public static void main(String[] args) {
    BasicConfigurator.configure();
    logger.info("hello world");
  }
}
6. Poor style: Value never read (structural):
6.1.AddCLProdMaintainUCCImpl.java
  if (prodList != null) {
    int i = prodList.size();
  }
6.2.The variable's value is assigned but never used, making it a dead store.
6.3.EXPLANATION
This variable's value is not used. After the assignment,
the variable is either assigned another value or goes out of scope.
Example: The following code excerpt assigns to the variable r
and then overwrites the value without using it.
  r = getName();
  r = getNewBuffer(buf);
6.4.RECOMMENDATIONS
Remove unnecessary assignments in order to make the code easier to understand and maintain.
When reviewing such a finding, also ask whether the discarded value was meant to feed a check
that was never written; a dead store is sometimes the only trace of a missing condition.

TAG: Fortify

FISHY'S TRIBE   fishy   /   2008-08-28 14:03:14
Did you translate this yourself?
If you are interested, you could take part in 51Testing's call for translated articles; details at http://bbs.51testing.com/forum-146-1.html
