[Java] Inheritance of Exception and problem with rule 'Classes named like "Exception" should extend "Exception" or a subclass'

[ron190]

I use 3 levels of inheritance for my Exception. Sonar reports problems starting from level 2 and asks me to remove Exception from class name.

Is there a problem with my code or with Sonar ?

Inheritance Level 1 : OK

package com.jsql.model.exception;

public class JSqlException extends Exception {
   
    public JSqlException(String message) {
        super(message);
    }

    public JSqlException(String message, Throwable e) {
        super(message, e);
    }
   
}

Inheritance Level 2 : KO

package com.jsql.model.exception;

public abstract class SlidingException extends JSqlException { // <= Rename this class to remove "Exception" or correct its inheritance.
   
    private String slidingWindowAllRows = "";
   
    public SlidingException(String message) {
        super(message);
    }
   
    public SlidingException(String message, Throwable e) {
        super(message, e);
    }

    public void setSlidingWindowAllRows(String slidingWindowAllRows) {
        this.slidingWindowAllRows = slidingWindowAllRows;
    }
   
    public String getSlidingWindowAllRows() {
        return this.slidingWindowAllRows;
    }
   
}

Inheritance Level 3 : KO

package com.jsql.model.exception;

public class StoppedByUserException extends SlidingException { // <= Rename this class to remove "Exception" or correct its inheritance.

    public StoppedByUserException() {
        super("Stopped by user");
    }

}

Inheritance Level 3 : KO

package com.jsql.model.exception;

public class InjectionFailureException extends SlidingException { // <= Rename this class to remove "Exception" or correct its inheritance.
   
    public InjectionFailureException() {
        super("Execution stopped");
    }
   
    public InjectionFailureException(String message) {
        super(message);
    }

    public InjectionFailureException(String message, Throwable e) {
        super(message, e);
    }
   
}

[Michael Gumowski]

Hello Ron,

Such cases should be perfectly handled by the Java Analyzer. Can you please specify which version of the Sonar Java Analyzer you are using, as well as your version of SonarQube.

Now, how are you analyzing your project? Are you providing the bytecode for your analysis? Are you providing the binaries of the libraries used by your code?

Best regards,

Michael GUMOWSKI | SonarSource

Software Developer @ Language Team
http://sonarsource.com

--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/ac358070-a667-4ecf-8896-ed42c3722f6b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ron190]

The Sonar and scanner I'm using :

• Sonar Java Analyzer: sonar-scanner-2.6.1
• SonarQube: sonarqube-5.6

I guess I'm only providing .java source files. My file sonar-project.properties is located in my project folder at X:\Users\XXXXXXXX\git\jsql-injection\.

I start the server using StartSonar.bat and I'm running the scanner from a .bat file.

launch-jsql.bat to launch the scanner :

cd X:\Users\XXXXXXXX\git\jsql-injection

c:

E:\Dev\sonar-scanner-2.6.1\bin\sonar-scanner.bat

[Scott B.]

Hi.

Your project is using maven for build. Just use the Sonar Scanner for Maven, it will be much easier.

Use this command: mvn package sonar:sonar

You don't need a sonar-project.properties to this.

[ron190]

I changed my scanning process to maven but the problem occurs nonetheless.
I attached the maven results to this post and you will also find logs in my previous post.
Thank you for your time.

[melzer...@gmail.com]

I have the same issue.

Can anybody create a bug ticket?

[Michael Gumowski]

Hello,

I'm still unable to reproduce the issue with SQ 5.6 and Java 4.1. We will not create any ticket without being able to reproduce it.

On my sample maven project with 4 level of inheritance of exception and rule squid:S2166 enabled (Classes named like "Exception" should extend "Exception" or a subclass), the analysis is not raising any issue for S2166.

Are you sure you are correctly providing the byte code of your classes to the analyzer and building your project before starting the analysis?

Attached to this email, you'll find my example maven project, with only 4 chained exception classes. I build it with command "maven clean install sonar:sonar".

Regards,

Michael GUMOWSKI | SonarSource

Software Developer @ Language Team
http://sonarsource.com

--

You received this message because you are subscribed to the Google Groups "SonarQube" group.

To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/01a5ace2-ba91-47fe-a3b0-47e91dadb170%40googlegroups.com.

[melzer...@gmail.com]

Hello,

thanks for your quick reply. I tested it with 4.0. Then i will try 4.1 :).

To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.

[pinet.m...@gmail.com]

In example.zip you have added and mixed code, can you test it with the original code unchanged ?

[Michael Gumowski]

Hello,

The example project I provided is completely equivalent in terms of what is required to theoretically raise the issue, as described in the first email.

Note that I also tried to reproduce the issue with the exact same classes provided by @ron190 in his first email. See the attached project if you want to try to reproduce it with it. (run command "mvn clean install sonar:sonar", with a SQ 5.6, java analyzer 4.1, and only rule S2166 activated. I still confirm that I'm not raising any FP with this rule).

Note that I also tried to reproduce the issue using jsql-injection project, and I'm not raising such reported issues (again, mvn clean install sonar:sonar).

I'm not going to invest more time in this. The rule is doing fine, as long as you are providing byte code.

Regards,

Michael GUMOWSKI | SonarSource

Software Developer @ Language Team
http://sonarsource.com

--

You received this message because you are subscribed to the Google Groups "SonarQube" group.

To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/fc0a6d42-fee0-4540-82e3-9e98e52ae484%40googlegroups.com.

[pinet.m...@gmail.com]

I have just realised Sonar v6.0 is out, the problem is gone after I tested with the new version. Thank you Michael for your time.

On Sunday, July 24, 2016 at 1:49:05 PM UTC+2, ron190 wrote:

[Andre Frintrop]

Hi. we have also 6.2 but still inheritance are not recognized. did you find any solutions ?

[Michael Gumowski]

Andre, 

Please open a new thread with a complete description of your issue, the versions of SQ and analyzers that you are using, and a reproducer. This thread is 7 months old and things have changed both in SQ and SonarJava.

Regards,

Michael

--

You received this message because you are subscribed to the Google Groups "SonarQube" group.

To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/685eb3de-f274-407f-9ad4-c2a20ed1682b%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--