All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.sonar.plugins.csharp.S3900.html Maven / Gradle / Ivy

There is a newer version: 10.2.0.105762
Show newest version

Why is this an issue?

Methods declared as public, protected, or protected internal can be accessed from other assemblies, which means you should validate parameters to be within the expected constraints. In general, checking against null is recommended in defensive programming.

This rule raises an issue when a parameter of a publicly accessible method is not validated against null before being dereferenced.

Noncompliant code example

public class MyClass
{
    private MyOtherClass other;

    public void Foo(MyOtherClass other)
    {
        this.other = other.Clone(); // Noncompliant
    }

    protected void Bar(MyOtherClass other)
    {
        this.other = other.Clone(); // Noncompliant
    }
}

Compliant solution

public class MyClass
{
    private MyOtherClass other;

    public void Foo(MyOtherClass other)
    {
        if (other != null)
        {
            this.other = other.Clone();
        }
    }

    protected void Bar(MyOtherClass other)
    {
        if (other != null)
        {
            this.other = other.Clone();
        }
    }

    public void Baz(MyOtherClass other)
    {
        ArgumentNullException.ThrowIfNull(other);

        this.other = other.Clone();
    }

    public void Qux(MyOtherClass other)
    {
        this.other = other; // Compliant: "other" is not being dereferenced
    }

    private void Xyzzy(MyOtherClass other)
    {
        this.other = other.Clone(); // Compliant: method is not publicly accessible
    }
}

Exceptions

  • Arguments validated for null via helper methods should be annotated with the [NotNull] attribute.
  • Method parameters marked with the [NotNull] Resharper code annotation attribute are supported as well.
  • To create a custom null validation method declare an attribute with name ValidatedNotNullAttribute and mark the parameter that is validated for null in your method declaration with it:
using System;

[AttributeUsage(AttributeTargets.Parameter, Inherited=false)]
public sealed class ValidatedNotNullAttribute : Attribute { }

public static class Guard
{
    public static void NotNull<T>([ValidatedNotNullAttribute] T value, [CallerArgumentExpression("value")] string name = "") where T : class
    {
        if (value == null)
            throw new ArgumentNullException(name);
    }
}

public static class Utils
{
    public static string ToUpper(string value)
    {
        Guard.NotNull(value);

        return value.ToUpper(); // Compliant
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy