/**
* @name Non-serializable comparator
* @description A comparator that is passed to an ordered collection (for example, a treemap) must be
* serializable, otherwise the collection fails to serialize at run-time.
* @kind problem
* @problem.severity warning
* @precision low
* @id java/non-serializable-comparator
* @tags reliability
* maintainability
* language-features
*/
import java
/**
 * Holds if `c` is a class defined in source that has `java.util.Comparator`
 * among its transitive source supertypes, and for which some type modelled by
 * `TypeSerializable` is not among those supertypes.
 */
predicate nonSerializableComparator(Class c) {
  // Only report classes the analysed project itself declares.
  c.fromSource() and
  exists(GenericInterface comparatorIface, TypeSerializable serializableIface |
    comparatorIface.hasQualifiedName("java.util", "Comparator") and
    comparatorIface = c.getASourceSupertype+() and
    // No path through the supertype closure reaches the serializable type.
    not serializableIface = c.getASourceSupertype+()
  )
}
/**
 * Holds if `t` is named `SortedSet`, `SortedMap` or `PriorityQueue`.
 *
 * The match is on the type's name only; no package is checked here, so a
 * same-named type declared outside `java.util` also satisfies this predicate.
 */
predicate sortedCollectionBaseType(RefType t) {
  t.hasName(["SortedSet", "SortedMap", "PriorityQueue"])
}
/**
 * Holds if the source declaration of some ancestor of `t` is one of the
 * ordered-collection base types recognised by `sortedCollectionBaseType`.
 */
predicate sortedCollectionType(RefType t) {
  exists(RefType ancestor |
    ancestor = t.getAnAncestor() and
    // Compare against the source declaration so parameterised instances
    // are matched through their generic declaration.
    sortedCollectionBaseType(ancestor.getSourceDeclaration())
  )
}
/**
 * Gets the text used to refer to the non-serializable comparator `c` in the
 * alert message: the fixed phrase "This comparator" for an anonymous class,
 * otherwise the name of the class.
 *
 * Has no result unless `nonSerializableComparator(c)` holds.
 */
string nameFor(Class c) {
  nonSerializableComparator(c) and
  if c instanceof AnonymousClass then result = "This comparator" else result = c.getName()
}
// Report each constructor argument whose static type is a non-serializable
// comparator class, where the object being constructed is an ordered
// collection (as recognised by `sortedCollectionType`).
from ClassInstanceExpr cie, Expr arg, Class c
where
  sortedCollectionType(cie.getType()) and
  cie.getAnArgument() = arg and
  arg.getType() = c and
  nonSerializableComparator(c)
select arg,
  nameFor(c) + " is not serializable, so should not be used as the comparator in a " +
    cie.getType().getName() + "."