What language is this for?
Java
Which rule?
-
Rule Key: java:S2447
-
Rule Name: “null” should not be returned from a “Boolean” method
Why do you believe it’s a false-positive/false-negative?
This is a false-negative.
The rule is designed to prevent returning null from a method whose return type is java.lang.Boolean (wrapper), because callers will auto-unbox it to boolean and risk a NullPointerException at runtime.
The provided code should raise S2447 on the case 0 → null line, but the current implementation of BooleanMethodReturnCheck only checks for a direct NULL_LITERAL in ReturnStatementTree. It does not traverse SWITCH_EXPRESSION (Java 14+), CONDITIONAL_EXPRESSION, etc. Therefore the issue is completely missed.
Are you using
-
SonarQube Cloud? No
-
SonarQube Server / Community Build - which version? No (local analysis only)
-
SonarQube for IDE - which IDE/version? No
We are using the SonarQube Scanner (command-line) with the latest sonar-java analyzer plugin.
How can we reproduce the problem?
Self-contained reproduction code (Java 17+):
Java
public class Test {
public Boolean isUsable(int state) {
return switch (state) { // return type is java.lang.Boolean (not primitive)
case 0 -> null; // ← should raise S2447 here
default -> Boolean.TRUE;
};
}
public boolean caller(int state) {
return isUsable(state); // auto-unboxing → NPE when state == 0
}
}
Reproduction steps:
Bash
# 1. Compile
javac --release 17 -d target/classes src/main/java/Test.java
# 2. Scan
sonar-scanner \
-Dsonar.projectKey=s2447-fn \
-Dsonar.sources=src/main/java \
-Dsonar.java.binaries=target/classes \
-Dsonar.java.source=17
Environment:
-
SonarQube Scanner: 8.1.0.6389
-
sonar-java plugin: latest main branch (commit 444a7b0f7b259799b5b04cf51c942a90a4a010f7)
-
Java: 17+
Expected: S2447 is raised on the line case 0 → null;.
Actual: No issue reported.