You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I got some problem when run spotbugs with find-sec-bugs plugin.
The issue is that SpringEntityLeakDetector throws NPE when some interface has @RequestMapping annotations.
For feign client I need to put spring MVC annotations on interface.
I think that problem is from MethodGenFactory#analyze.
That method returns null when method.getCode() == null.
So, (MethodGen methodGen = classContext.getMethodGen(m);) methodGen can be null.
NPE is thrown on List<String> classesToInspect = new ArrayList<>(Arrays.asList(methodGen.getReturnType().toString()));
It looks like to solve the issue by skipping when methodGen is null.
Is there any workaround for this problem?
Let me know please.
This PR fixfind-sec-bugs#477
Spring cloud openfeign client uses spring mvc annotation, but these client are not controller.
Signed-off-by: Kwangyong Kim <banana.yong@gmail.com>
bananayong
added a commit
to bananayong/find-sec-bugs
that referenced
this issue
May 4, 2019
This PR fixfind-sec-bugs#477
Spring cloud openfeign client uses spring mvc annotation, but these client are not controller.
Signed-off-by: Kwangyong Kim <banana.yong@gmail.com>
I have the same issue, but other usecase. We use the annotated interfaces to separate it from the controller code, so the controller implements the interface with the annotated methods.
Environment
Problem
I got some problem when run spotbugs with find-sec-bugs plugin.
The issue is that SpringEntityLeakDetector throws NPE when some interface has
@RequestMapping
annotations.For feign client I need to put spring MVC annotations on interface.
I think that problem is from
MethodGenFactory#analyze
.That method returns null when
method.getCode() == null
.So, (
MethodGen methodGen = classContext.getMethodGen(m);
) methodGen can be null.NPE is thrown on
List<String> classesToInspect = new ArrayList<>(Arrays.asList(methodGen.getReturnType().toString()));
It looks like to solve the issue by skipping when methodGen is null.
Is there any workaround for this problem?
Let me know please.
Thank you!
Code (If needed)
I made sample project to reproduce this issue.
https://github.com/bananayong/spring-entity-leak-detector-issue
The text was updated successfully, but these errors were encountered: