Java issue suggestion: Gson check


Arne

Mar 28, 2018, 4:34:45 AM
to SonarQube
Hi,

I'm not quite sure this is the right place to post this, so sorry if I'm in the wrong topic.

Anyway, I'd like to suggest a new issue.
JSON deserialisation using Gson can throw a JsonSyntaxException, but because this is a RuntimeException, it won't give any compilation issues.
However, since JSON data quite often comes from an API, it's good practice to always check for any thrown exceptions.
Is this something that can become an issue in SonarQube, as a Code smell or Vulnerability?

Failing code:

Gson gson = new Gson();
gson.fromJson("{\"value\": true}", MyData.class);

class MyData {
    String value;
}


alexandr...@gmail.com

Apr 30, 2018, 12:05:47 PM
to SonarQube
Hello Arne,

Thanks for your suggestion.

What would you recommend the developer do? Add a try/catch block to catch the com.google.gson.JsonParseException or com.google.gson.JsonSyntaxException exceptions and raise a custom/functional error?

Thanks
Alex
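
Added example, not part of the thread and not SonarQube or Gson project code: one way to apply the try/catch approach discussed above, funnelling untrusted JSON through a single helper that converts Gson's unchecked exceptions into a checked one. `InvalidPayloadException`, `parseUntrusted` and the sample inputs are hypothetical names and constructed data; it assumes Gson is on the classpath.

```java
import com.google.gson.Gson;
import com.google.gson.JsonParseException;

public class SafeGsonExample {

    // Hypothetical checked exception: the compiler now forces callers to handle bad input.
    static class InvalidPayloadException extends Exception {
        InvalidPayloadException(String message, Throwable cause) {
            super(message, cause);
        }
    }

    static class MyData {
        String value;
    }

    private static final Gson GSON = new Gson();

    // Hypothetical helper: the only place where untrusted JSON is handed to Gson.
    static <T> T parseUntrusted(String json, Class<T> type) throws InvalidPayloadException {
        final T result;
        try {
            result = GSON.fromJson(json, type);
        } catch (JsonParseException e) {
            // JsonSyntaxException and JsonIOException are both subclasses of JsonParseException.
            // The message stays generic so the raw payload is not echoed into logs or responses.
            throw new InvalidPayloadException("Rejected malformed JSON payload", e);
        }
        if (result == null) {
            // Gson returns null, without throwing, for an empty document or a literal "null".
            throw new InvalidPayloadException("Rejected empty JSON payload", null);
        }
        return result;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: valid, wrong type for the field, truncated, empty.
        String[] samples = { "{\"value\": \"ok\"}", "{\"value\": [1, 2]}", "{\"value\": ", "" };
        for (String sample : samples) {
            try {
                MyData data = parseUntrusted(sample, MyData.class);
                System.out.println("accepted: value=" + data.value);
            } catch (InvalidPayloadException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

The null check matters because a bare try/catch still lets an empty response body through as a null object, which then fails later as a NullPointerException far from the parsing code.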