标签:win 静态 ati 维护 case pair nali fine repair
系列文章目录:
Unused Method(不再使用的方法)
示例:
1 private bool checkLevel(string abilitySeqno, string result)
2 {
3 return hrDutyexamProjectAbilityDS.CheckImportLevel(abilitySeqno, result);
4 }
Fortify解释:
The method checkLevel() in AbilityImport..cs is not reachable from any method outside the class. It is dead code. Dead code is defined as code that is never directly or indirectly executed by a public method,or is only called from other dead code.
AbilityImport.cs类的checkLevel() 方法从类外的任何方法都不可达,它是死亡的代码。死亡代码是从未被公共方法直接或间接的调用,或者被其他的死亡代码调用。
Fortify示例1:
1 public class Dead {
2 private void DoWork() {//永远不会被调用
3 Console.Write("doing work");
4 }
5 public static void Main(string[] args) {
6 Console.Write("running Dead");
7 }
8 }
Fortify示例2:
1 public class DoubleDead {
2 private void DoTweedledee() {
3 DoTweedledumb();
4 }
5 private void DoTweedledumb() {
6 DoTweedledee();
7 }
8 public static void Main(string[] args) {
9 Console.Write("running DoubleDead");
10 }
In the following class, two private methods call each other, but since neither one is ever invoked from anywhere else, they are both dead code.
在这个类中,两个私有方法相互调用,但是它们其中任意一个都没有被其他的类调用,它们是死亡代码.
A dead method may indicate a bug in dispatch code.
死亡方法可能意味着在分支代码中存在BUG。
Fortify示例:
1 public ScaryThing GetScaryThing(char st) {
2 switch(st) {
3 case ‘m‘:
4 return GetMummy();
5 case ‘w‘:
6 return GetMummy();
7 default:
8 return GetBlob();
9 }
10 }
If method is flagged as dead named GetWitch() in a class that also contains the following dispatch method, it may be because of a copy-and-paste error. The ‘w‘ case should return GetWitch() not GetMummy().
如果类中的死亡方法 GetWitch() 也存在上面的分支代码逻辑,有可能这是复制粘贴代码时造成的错误,当case匹配w时,应该调用GetWitch() 而不是GetMummy()方法。
In general, you should repair or remove dead code. To repair dead code, execute the dead code directly or indirectly through a public method. Dead code causes additional complexity and maintenance burden without contributing to the functionality of the program.
通常,你应该修复或者移除死亡代码,你可以通过在公共方法直接或间接执行这个方法来修复它。死亡代码增加了复杂性和维护的工作量,同时对系统的功能无所裨益。
This issue may be a false positive if the program uses reflection to access private methods. (This is a non-standard practice. Private methods that are only invoked via reflection should be well documented.)
值得注意的是,这个问题(死亡代码)有可能是个伪命题,因为有可能这个方法是通过反射来调用的。(这是不规范的实践,只通过反射调用的私有方法应该有很好的记录来说明。)
Unused Method(不再使用的方法)——Dead Code(死亡代码)
标签:win 静态 ati 维护 case pair nali fine repair
原文地址:http://www.cnblogs.com/gudi/p/6626179.html