JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.
If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.
If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.
| CodeSonar® 9.2p0 | CONFIDENTIAL | CodeSecure Inc |
There is a suspicious use of & instead of &&.
Java has a bitwise and a logical-AND operation on Booleans, that is, & and &&. Similarly, Java has a bitwise and a logical-OR operation | and ||. The difference is that the logical operations have a short circuit semantics, that is, if the evaluation of the left-hand side is enough to determine the outcome of the operation, then the right-hand side is not evaluated; the bitwise operations, instead, evaluate both sides, always, which might be incorrect is most cases, or at least inefficient.
| Class Name | Bitwise AND on Boolean (Java) | |||
|---|---|---|---|---|
| Significance | reliability | |||
| Mnemonic | JAVA.STRUCT.BW.AND | |||
| Categories |
|
|||
| Availability | Available for Java and Kotlin. |
|||
| Enabling | Checks for this warning class are enabled by
default. To disable them, add the following WARNING_FILTER rule to the
project configuration file.
WARNING_FILTER += discard class="Bitwise AND on Boolean (Java)" |
Japanese (ja)
public class ShortCircuitExamples {
public static void test1(String[] args) {
if (args.length == 0 | isOption(args[0])) /* Bitwise OR on Boolean (Java) warning issued here.
* IsOption(args[0]) is always evaluated, even if args.Length==0 evaluates to TRUE,
* but if args.Length==0 then IsOption(args[0]) results in an ArrayIndexOutOfBoundsException.
*/
System.out.println("option expected");
// ...
}
public static void test2(String[] args) {
if (args.length == 1 & isOption(args[0])) /* Bitwise AND on Boolean (Java) warning issued here.
* IsOption(args[0]) is always evaluated, even if args.Length==1 evaluates to FALSE,
* including in the case where args.Length==0 and IsOption(args[0]) results in an ArrayIndexOutOfBoundsException.
*/
System.out.println("option expected");
// ...
}
private static boolean isOption(String s) {
return s.equals("option0");
}
public void Test3(boolean a) {
bool x = true;
if (x & a) // Bitwise AND on Boolean Constant (Java) warning issued here.
System.out.println("hello");
// ...
}
public static void Test4(boolean a, String s) {
bool x = false;
if (x | a) // Bitwise OR on Boolean Constant (Java) warning issued here.
System.out.println("hello");
// ...
}
public static void Test5(boolean a, String s) {
a &= isOption(s); // Inefficient Bitwise AND (Java) warning issued here.
// ...
}
public static void Test6(boolean b, String s) {
b |= isOption(s); // Inefficient Bitwise OR (Java) warning issued here.
// ...
}
}
In this example, the programmer should rework the program as follows.
// ShortCircuitExamples.java, after modification
public class ShortCircuitExamples {
public static void test1(String[] args) {
if (args.length == 0 || isOption(args[0]))
System.out.println("option expected");
// ...
}
public static void test2(String[] args) {
if (args.length == 1 && isOption(args[0]))
System.out.println("option expected");
// ...
}
private static boolean isOption(String s) {
return s.equals("option0");
}
public void test3(boolean a) {
bool x = true;
if (a)
System.out.println("hello");
// ...
}
public static void test4(boolean a, string s) {
bool x = false;
if (a)
System.out.println("hello");
// ...
}
public static void test5(boolean a, String s) {
a = a && isOption(s);
// ...
}
public static void test6(boolean b, String s) {
b = b || isOption(s);
// ...
}
}
Use the logical (short-circuit) version of the operators on Booleans.
The following configuration file parameters affect checks for this warning class.
To report problems with this documentation, please visit https://support.codesecure.com/.