Skip to first unread message
aprina...@gmail.com
Dec 12, 2017, 3:06:57 PM12/12/17
to SonarQube
Sonarqube reports the following condition as bug.
string a1 = null;
string a2 = null;
string a3 = null;
for(int i = 0; i < args.length; ++i)
{
if ( args[i] == "-one" )
{
a1 = args[++i];
}
else if ( args[i] == "-two" )
{
a2 = args[++i];
}
else if ( args[i] == "-three" )
{
a3 = args[++i];
}
}
if ( !string.IsNullOrEmpty(a2) && !string.IsNullOrEmpty(a3))
{
// Do something
}
else
{
// Do something
}
Scott B.
Dec 12, 2017, 7:07:54 PM12/12/17
to SonarQube
Hi.
Can you show the values of an "args" array that meets the "if" condition?
Please see this demo: https://dotnetfiddle.net/ro8p6C
I think there's a bug in your code. You are incrementing the index twice:
Can you show the values of an "args" array that meets the "if" condition?
Please see this demo: https://dotnetfiddle.net/ro8p6C
I think there's a bug in your code. You are incrementing the index twice:
valeri....@sonarsource.com
Dec 13, 2017, 7:38:13 AM12/13/17
to SonarQube
We still don't "execute" loops in our data flow engine (it is used for always true/false, null pointer dereference and a few other rules), hence we have false positives for methods like yours. We have plans to improve the engine in the near future, but right now the only workaround is to mark the issue as False Positive (or something else) so that it does not bother you. If you are using a new version of SonarLint for Visual Studio, closing the issue in SonarQube will prevent it from being displayed in VS as well.
Reply all
Reply to author
Forward
0 new messages