Switch order of literals to prevent NullPointerException #4322

Merged
merged 2 commits into from
Feb 21, 2024

citizenjosh
Contributor

This change defensively switches the order of literals in comparison expressions to ensure that no null pointer exceptions are unexpectedly thrown. Runtime exceptions especially can cause exceptional and unexpected code paths to be taken, and this can result in unexpected behavior.

Both simple vulnerabilities (like information disclosure) and complex vulnerabilities (like business logic flaws) can take advantage of these unexpected code paths.

Our changes look something like this:

  String fieldName = header.getFieldName();
  String fieldValue = header.getFieldValue();
- if(fieldName.equals("requestId")) {
+ if("requestId".equals(fieldName)) {
    logRequest(fieldValue);
  }
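
Review bot: On the changed `if` line, putting the literal first removes the NullPointerException but also makes a null `fieldName` indistinguishable from a non-matching one, so the `logRequest(fieldValue)` branch is skipped silently. If a null name from `header.getFieldName()` indicates a malformed header, handle it explicitly before the comparison (for example `if (fieldName == null) { ... }`) instead of letting it fall through. `fieldValue` is also still passed to `logRequest` without a null check, which this reordering does not address.
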

I have additional improvements ready for this repo! If you want to see them, leave the comment:

@pixeebot next

... and I will open a new PR right away!

Powered by: pixeebot (codemod ID: pixee:java/switch-literal-first)

pixeebot bot and others added 2 commits February 20, 2024 23:04
…-java/switch-literal-first

Switch order of literals to prevent NullPointerException

codecov bot commented Feb 21, 2024

Codecov Report

Attention: 4 lines in your changes are missing coverage. Please review.

Comparison is base (199cfe8) 51.838% compared to head (5ce9271) 51.838%.
Report is 2 commits behind head on master.


@@            Coverage Diff            @@
##            master     #4322   +/-   ##
=========================================
  Coverage   51.838%   51.838%           
=========================================
  Files          497       497           
  Lines        28346     28346           
  Branches      4917      4917           
=========================================
  Hits         14694     14694           
  Misses       11610     11610           
  Partials      2042      2042           
Flag Coverage Δ
AlsoSlowTests 51.838% <55.555%> (ø)
javaparser-core 51.838% <55.555%> (ø)
javaparser-symbol-solver 51.838% <55.555%> (ø)
jdk-10 51.834% <55.555%> (+0.007%) ⬆️
jdk-11 51.834% <55.555%> (ø)
jdk-12 51.834% <55.555%> (+0.010%) ⬆️
jdk-13 51.834% <55.555%> (+0.007%) ⬆️
jdk-14 51.834% <55.555%> (ø)
jdk-15 51.834% <55.555%> (+0.010%) ⬆️
jdk-16 51.823% <55.555%> (ø)
jdk-17 51.834% <55.555%> (ø)
jdk-18 51.813% <55.555%> (-0.022%) ⬇️
jdk-8 51.832% <55.555%> (ø)
jdk-9 51.834% <55.555%> (+0.010%) ⬆️
macos-latest 51.830% <55.555%> (ø)
ubuntu-latest 51.820% <55.555%> (ø)
windows-latest 51.816% <55.555%> (ø)


Files Coverage Δ
...validations/chunks/UnderscoreKeywordValidator.java 100.000% <100.000%> (ø)
.../validator/postprocessors/Java10PostProcessor.java 94.444% <100.000%> (ø)
...parser/printer/lexicalpreservation/Difference.java 76.628% <100.000%> (ø)
...hub/javaparser/utils/ParserCollectionStrategy.java 81.481% <100.000%> (ø)
...st/validator/RecordAsTypeIdentifierNotAllowed.java 73.333% <50.000%> (ø)
...om/github/javaparser/utils/CollectionStrategy.java 54.545% <0.000%> (ø)
...declarations/ResolvedReferenceTypeDeclaration.java 0.000% <0.000%> (ø)

Legend:
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 91b7cf9...5ce9271. Read the comment docs.

@jlerbsc jlerbsc merged commit ae8bfe6 into javaparser:master Feb 21, 2024
38 checks passed
@jlerbsc jlerbsc added this to the next release milestone Feb 21, 2024
@jlerbsc jlerbsc added the PR: Changed A PR that changes implementation without changing behaviour (e.g. performance) label Feb 21, 2024
@jlerbsc
Collaborator

jlerbsc commented Feb 21, 2024

@pixeebot next
