Reuse SecureRandom instances across benchmark test classes#62
Open
sonarqube-agent[bot] wants to merge 1 commit into
Open
Reuse SecureRandom instances across benchmark test classes#62sonarqube-agent[bot] wants to merge 1 commit into
sonarqube-agent[bot] wants to merge 1 commit into
Conversation
Fixed issues: - AZ3eW0LoPF-XYsB0KnQY for java:S2119 rule - AZ3eW0mIPF-XYsB0KnW4 for java:S2119 rule - AZ3eW0-DPF-XYsB0KndO for java:S2119 rule - AZ3eW0NXPF-XYsB0KnQy for java:S2119 rule - AZ3eW0NDPF-XYsB0KnQs for java:S2119 rule Generated by SonarQube Agent (task: 1b0ca324-eef7-4064-9e90-0299376435fb)
Author
|
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixed 5 CRITICAL SonarQube issues where SecureRandom objects were being instantiated on every method invocation instead of being reused. By converting these to class-level fields, the code is now more efficient and produces better randomness as recommended by the java:S2119 rule.
View Project in SonarCloud
Fixed Issues
java:S2119 - Save and re-use this "Random". • CRITICAL • View issue
Location:
src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00257.java:63Why is this an issue?
Creating a new
Randomobject each time a random value is needed is inefficient and may produce numbers that are not random, depending on the JDK. For better efficiency and randomness, create a singleRandom, store it, and reuse it.What changed
This hunk adds a private static final SecureRandom field at the class level, so that a single SecureRandom instance is created once and reused across all method invocations. This directly addresses the issue at line 63 of BenchmarkTest00257.java where a new SecureRandom object was being created each time the method was called. By defining the Random instance as a class-level field, it is saved and reused, which is more efficient and produces better randomness.
java:S2119 - Save and re-use this "Random". • CRITICAL • View issue
Location:
src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00776.java:90Why is this an issue?
Creating a new
Randomobject each time a random value is needed is inefficient and may produce numbers that are not random, depending on the JDK. For better efficiency and randomness, create a singleRandom, store it, and reuse it.What changed
This hunk adds a private instance field
randomof typejava.security.SecureRandomto the classBenchmarkTest00776. This moves theSecureRandominstantiation from inside a method (where it was created on every invocation) to a class-level field, so it is created once and reused. This directly addresses the issue about saving and reusing aRandomobject instead of creating a new one each time a method is invoked, which is inefficient and may produce non-random numbers.java:S2119 - Save and re-use this "Random". • CRITICAL • View issue
Location:
src/main/java/org/owasp/benchmark/testcode/BenchmarkTest01976.java:74Why is this an issue?
Creating a new
Randomobject each time a random value is needed is inefficient and may produce numbers that are not random, depending on the JDK. For better efficiency and randomness, create a singleRandom, store it, and reuse it.What changed
This hunk adds a private static final SecureRandom field at the class level in BenchmarkTest01976.java, so that a single SecureRandom instance is created once and reused across all method invocations. This directly addresses the bug where a new SecureRandom was being instantiated each time the method was called, which is inefficient and may produce less random values depending on the JDK.
java:S2119 - Save and re-use this "Random". • CRITICAL • View issue
Location:
src/main/java/org/owasp/benchmark/testcode/BenchmarkTest02017.java:62Why is this an issue?
Creating a new
Randomobject each time a random value is needed is inefficient and may produce numbers that are not random, depending on the JDK. For better efficiency and randomness, create a singleRandom, store it, and reuse it.What changed
This hunk adds a private static final SecureRandom field at the class level, so that a single Random instance is created once and reused across all method invocations. This directly addresses the bug where a new SecureRandom was being instantiated each time the method was called (at line 62), which is inefficient and may produce less random values depending on the JDK. By defining the Random object as a class-level field, it is saved and reused as recommended.
java:S2119 - Save and re-use this "Random". • CRITICAL • View issue
Location:
src/main/java/org/owasp/benchmark/testcode/BenchmarkTest02191.java:63Why is this an issue?
Creating a new
Randomobject each time a random value is needed is inefficient and may produce numbers that are not random, depending on the JDK. For better efficiency and randomness, create a singleRandom, store it, and reuse it.What changed
This hunk adds a private instance field
randomof typejava.security.SecureRandomto the classBenchmarkTest02191. Instead of creating a newSecureRandomobject each time a method is invoked, the random instance is now created once at the class level and reused, fixing the 'Save and re-use this Random' warning about inefficiency and potential randomness issues caused by instantiating a newRandomon every method call.SonarQube Remediation Agent uses AI. Check for mistakes.