![pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>](/assets/img/avatar_default.png) 
|
3afacf2405
|
Switch order of literals to prevent NullPointerException (#2769)
This change defensively switches the order of literals in comparison
expressions to ensure that no null pointer exceptions are unexpectedly
thrown. Runtime exceptions especially can cause exceptional and
unexpected code paths to be taken, and this can result in unexpected
behavior.
Both simple vulnerabilities (like information disclosure) and complex
vulnerabilities (like business logic flaws) can take advantage of these
unexpected code paths.
Our changes look something like this:
```diff
String fieldName = header.getFieldName();
String fieldValue = header.getFieldValue();
- if(fieldName.equals("requestId")) {
+ if("requestId".equals(fieldName)) {
logRequest(fieldValue);
}
```
<details>
<summary>More reading</summary>
*
[https://cwe.mitre.org/data/definitions/476.html](https://cwe.mitre.org/data/definitions/476.html)
*
[https://en.wikibooks.org/wiki/Java_Programming/Preventing_NullPointerException](https://en.wikibooks.org/wiki/Java_Programming/Preventing_NullPointerException)
*
[https://rules.sonarsource.com/java/RSPEC-1132/](https://rules.sonarsource.com/java/RSPEC-1132/)
</details>
🧚🤖 Powered by Pixeebot
[Feedback](https://ask.pixee.ai/feedback) |
[Community](https://pixee-community.slack.com/signup#/domain-signup) |
[Docs](https://docs.pixee.ai/) | Codemod ID:
pixee:java/switch-literal-first

<!--{"type":"DRIP","codemod":"pixee:java/switch-literal-first"}-->
Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
|
2025-01-22 10:39:47 +00:00 |
|
![pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>](/assets/img/avatar_default.png) 
|
d832a90de0
|
(CodeQL) Fixed finding: "Arbitrary file access during archive extraction ("Zip Slip")
" (#2344)
(CodeQL) Fixed finding: "Arbitrary file access during archive extraction ("Zip Slip")
"
Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
|
2024-11-27 07:16:03 +00:00 |
|
![pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>](/assets/img/avatar_default.png) 
|
af5e2b6895
|
Modernize and secure temp file creation (#2106)
Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
|
2024-10-28 23:19:12 +00:00 |
|
![pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>](/assets/img/avatar_default.png) 
|
09c9944fc3
|
Switch order of literals to prevent NullPointerException (#2035)
Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
|
2024-10-18 07:15:10 +01:00 |
|
 ![github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>](/assets/img/avatar_default.png)  ![pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>](/assets/img/avatar_default.png) 
|
b31564968c
|
Introduced protections against system command injection (#2011)
* Introduced protections against system command injection
* Update translation files (#2034)
Signed-off-by: GitHub Action <[email protected]>
Co-authored-by: GitHub Action <[email protected]>
---------
Signed-off-by: GitHub Action <[email protected]>
Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: GitHub Action <[email protected]>
|
2024-10-18 00:10:42 +01:00 |
|
![pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>](/assets/img/avatar_default.png) 
|
b7d37deb85
|
Refactored to use parameterized SQL APIs (#1545)
Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
|
2024-07-09 21:18:32 +01:00 |
|
 pixeebot[bot]andGitHub
|
88338b4dbc
|
(Sonar) Fixed finding: "Utility classes should not have public constructors"
|
2024-06-07 07:52:26 +00:00 |
|
 pixeebot[bot]andGitHub
|
9147d364bc
|
(Sonar) Fixed finding: "@Override should be used on overriding and implementing methods"
|
2024-06-07 04:38:10 +00:00 |
|
 pixeebot[bot]andGitHub
|
503acc9408
|
Introduced protections against HTTP header injection / smuggling attacks
|
2024-05-07 03:44:03 +00:00 |
|
![pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>](/assets/img/avatar_default.png) 
|
5564f378e5
|
(Sonar) Fix "String#replace should be preferred to String#replaceAll" (#1056)
Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
|
2024-04-09 06:52:52 +01:00 |
|
![pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>](/assets/img/avatar_default.png) 
|
54c3bee205
|
Replaced Stream.collect(Collectors.toList()) with Stream.toList() (Sonar) (#1018)
Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
|
2024-04-03 22:41:24 +01:00 |
|
![pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>](/assets/img/avatar_default.png) 
|
1035a3be31
|
Define a constant for a literal string that is duplicated n times (Sonar) (#978)
Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
|
2024-03-28 17:44:10 +00:00 |
|