JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.
If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.
If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.
| CodeSonar® 9.0p0 Hot Tips | CONFIDENTIAL | CodeSecure Inc |
A classcast might be incorrect at runtime.
You can specify that a method is predictable — that is, it always returns a type predictable by software developers — with the [com.juliasoft.julia.checkers.classcast.PredictableReturnType] attribute. The analysis will not issue warnings for any casts of return values from methods with this attribute.
The [com.juliasoft.julia.checkers.classcast.PredictableReturnType] attribute has no effect in this case, since checks do not cover casts on method return values.
(Note that entry methods are determined with respect to the setting of CSHARP_ANALYSIS_ENTRY_POINTS_MODE.)
C# checks explicit type downcasts at runtime. If they do not hold, a runtime exception is thrown. This checker verifies that casts will be satisfied at runtime, so that they will never throw an exception.
| クラス名 | Risky Class Cast (C#) | |||
|---|---|---|---|---|
| 日本語クラス名 | Risky Class Cast (C#) | |||
| クラス分類 | 信頼性 (reliability) | |||
| ニーモニック | CSHARP.CLASS.CAST | |||
| カテゴリー |
|
|||
| 対応言語 | C# で利用可能です。 |
|||
| 有効/無効設定 | このワーニングクラスのチェックはデフォルトで有効になっています。チェックを無効にするにはプロジェクト設定ファイル
(configuration file)に以下の WARNING_FILTER ルールを追加してください。
WARNING_FILTER += discard class="Risky Class Cast (C#)" |
English (en)
using System;
namespace DocumentationExamples
{
public class Classcast
{
private object f;
private object g = "hi";
public void M1(object o)
{
if (((string)o).StartsWith("hello")) // "Risky Class Cast (C#)" warning always issued here
// - M1() called with ClassCast argument in the body of Caller1()
Console.WriteLine("nice to meet you");
}
public void M2(string s, object o)
{
if (((string)o).StartsWith("hello")) // "Risky Class Cast (C#)" warning always issued here
// - no evidence of M2() being called with a risky value for o in this code, but
// M2() is public so could be called with an incompatible argument from elsewhere
Console.WriteLine("nice to meet you");
}
public void M3(string s, object o)
{
if (((string)Wrap(o)).StartsWith("hello")) // "Risky Class Cast (C#)" warning issued here
// if CSHARP_ANALYSIS_PEDANTIC_MODE=Yes
Console.WriteLine("nice to meet you");
}
public void M4()
{
if (((string)f).StartsWith("hello")) // "Risky Class Cast (C#)" warning issued here
// if CSHARP_ANALYSIS_PEDANTIC_MODE=Yes
Console.WriteLine("nice to meet you");
}
public void M5()
{
if (((string)g).StartsWith("hello")) // ok: safe cast
Console.WriteLine("nice to meet you");
}
private object Wrap(object o)
{
return o;
}
public void Caller1()
{
M1("hi");
M1(this);
}
public void Caller2()
{
M2("ciao", "hello");
M2("come stai", "how are you?");
}
public void Caller3()
{
M3("ciao", "hello");
M3("come stai", f = new object());
}
}
}
For each classcast warning, verify that all types that will ever reach that program point are assignable to the type used for the cast.
設定ファイルの以下のパラメータがこのワーニングクラスのチェックに影響します。