Hi,
It looks like we are getting a false positive (a few) with the S2259 rule.
SonarQube Community Edition Version 9.7.1 (build 62043)
Sonar Gradle plugin 'org.sonarqube' version '3.+'
This example explicitly checks for null; however, Sonar says getMessage can return null:
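    // Imports assumed from the class names used (Spring Web).
    import org.springframework.http.HttpStatus;
    import org.springframework.web.client.HttpClientErrorException;
    import org.springframework.web.client.HttpServerErrorException;

    public String s2259Error() throws HttpServerErrorException {
        try {
            throw new HttpServerErrorException(HttpStatus.BAD_REQUEST);
        } catch (HttpClientErrorException | HttpServerErrorException e) {
            // Explicit null check, then a second getMessage() call on the same exception.
            if ((e.getMessage() != null) && e.getMessage().contains("NOT_FOUND_PROOF")) { // sonar shows the error here
                throw new HttpServerErrorException(HttpStatus.BAD_REQUEST);
            }
        }
        return "";
    }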
Same for this example:
    import java.util.Objects;

    public String s2259WorseError() throws HttpServerErrorException {
        try {
            throw new HttpServerErrorException(HttpStatus.BAD_REQUEST);
        } catch (HttpClientErrorException | HttpServerErrorException e) {
            // Null check through Objects.nonNull, then a second getMessage() call.
            if (Objects.nonNull(e.getMessage()) && e.getMessage().contains("NOT_FOUND_PROOF")) { // sonar shows the error here
                throw new HttpServerErrorException(HttpStatus.BAD_REQUEST);
            }
        }
        return "";
    }
The only way I got it to work was:
    import java.util.Objects;

    public String s2259Works() throws HttpServerErrorException {
        try {
            throw new HttpServerErrorException(HttpStatus.BAD_REQUEST);
        } catch (HttpClientErrorException | HttpServerErrorException e) {
            // Single getMessage() call; requireNonNull throws NullPointerException if it is null.
            if (Objects.requireNonNull(e.getMessage()).contains("NOT_FOUND_DOCUMENT")) {
                throw new HttpServerErrorException(HttpStatus.BAD_REQUEST);
            }
        }
        return "";
    }
It looks like the first 2 are false positives, can you confirm?