改findbogs碰到的两个问题,一个是关于IO流,一个是关于空指针检查异常。
1.NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE
前面代码略。。。 File crFile = new File(crFilelocalPath);
if (crFile.exists()&& crFile.isDirectory() && crFile.listFiles() != null
&& crFile.listFiles().length > 0) { //略。。。 } 后面略。。。。
原因分析:
问题出在 crFile.listFiles() ,google到,说是第一个 crFile.listFiles()判断不为null,但是第二个crFile.listFiles()还是可能会为null。(原文:If the first call of listFiles() is != null, that doesn't mean the second call is also != null.)
google原文见:https://sourceforge.net/p/findbugs/bugs/1468/
所以改为
前面略。。
File crFile = new File(crFilelocalPath);
if (crFile.exists() && crFile.isDirectory()) {
File[] files = crFile.listFiles();
if (files != null && files.length > 0) {
//略。。。
}
}
后面略。。。
findbugs就不报错了。。。
2.OBL_UNSATISFIED_OBLIGATION
是关于IO流的关闭
findbugs报错的代码
public static boolean storeFile2LocalPath(String fileName, String localPath, File fileInput) {
boolean success = false;
FileInputStream inputStream = null;
OutputStream os = null;
try {
inputStream = new FileInputStream(fileInput);
//保存到临时文件
byte[] bs = new byte[1024];// 1K的数据缓冲
int len;// 读取到的数据长度
// 输出的文件流保存到本地文件
File tempFile = new File(localPath);
if (!tempFile.exists()) {
tempFile.mkdirs();
}
String filePath = tempFile.getPath() + File.separator + fileName;
os = new FileOutputStream(filePath);
log.info("storeFile2LocalPath() and filePath = " + filePath);
// 开始读取
while ((len = inputStream.read(bs)) != -1) {
os.write(bs, 0, len);
}
success = true;
} catch (Exception e) {
e.printStackTrace();
} finally {
// 完毕,关闭所有链接
try {
if(os != null) {
os.close();
os = null;
}
if(inputStream != null){
inputStream.close();
inputStream = null;
}
} catch (IOException e) {
e.printStackTrace();
}
}
return success;
}
报错如下:
This method may fail to clean up (close, dispose of) a stream,
database object, or other resource requiring an explicit cleanup
operation.
In general, if a method opens a stream or other resource, the method
should use a try/finally block to ensure that the stream or resource
is cleaned up before the method returns.
This bug pattern is essentially the same as the **OS_OPEN_STREAM and
ODR_OPEN_DATABASE_RESOURCE** bug patterns, but is based on a different
(and hopefully better) static analysis technique. We are interested is
getting feedback about the usefulness of this bug pattern. To send
feedback, either: •send email to findbugs@cs.umd.edu •file a bug
report: http://findbugs.sourceforge.net/reportingBugs.html
In particular, the false-positive suppression heuristics for this bug
pattern have not been extensively tuned, so reports about false
positives are helpful to us.
See Weimer and Necula, Finding and Preventing Run-Time Error Handling
Mistakes, for a description of the analysis technique.
原因分析:
连续关闭两个流,在同一个finally快里,若第一个流close失败,出现异常时,会导致第二个流没有关闭。
所以改为如下方式,findbugs不报错了。
//将后面的finally块改为: 再嵌套一个finally块
finally {
// 完毕,关闭所有链接
try {
if (os != null) {
os.close();
os = null;
}
} catch (IOException e) {
e.printStackTrace();
} finally {
try {
if (inputStream != null) {
inputStream.close();
inputStream = null;
}
} catch (Exception e2) {
e2.printStackTrace();
}
}
}