456360 – BUG - Use of Wrong Operator in String Comparison - Version 1.8.4 , 1.6.8 and 1.6.9

Bug 456360 - BUG - Use of Wrong Operator in String Comparison - Version 1.8.4 , 1.6.8 and 1.6.9

Summary: BUG - Use of Wrong Operator in String Comparison - Version 1.8.4 , 1.6.8 and ...

Status:	NEW

Alias:	None

Product:	AspectJ
Classification:	Tools
Component:	Library (show other bugs)
Version:	1.8.4
Hardware:	PC Windows 7

Importance:	P3 normal (vote)
Target Milestone:	---
Assignee:	aspectj inbox
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-12-30 11:50 EST by david camilo espitia manrique
Modified:	2015-01-07 19:42 EST (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description david camilo espitia manrique

2014-12-30 11:50:14 EST

We are currently using aspectjweaver-1.6.9.jar and during veracode analysis, this scanner found this bug in ClassLoaderRepository.java (Line 317) in the version 1.6.8, 1.6.9 and 1.8.4:

Type: Use of Wrong Operator in String Comparison

Description:
Using '==' to compare two strings for equality or '!=' for inequality actually compares the object references rather than
their values. It is unlikely that this reflects the intended application logic.

Recommendations
Use the equals() method to compare strings, not the '==' or '!=' operator.


Thanks.

Comment 1 Andrew Clement

2015-01-07 19:42:13 EST

I can't see where this refers to. This is the file:

https://github.com/eclipse/org.aspectj/blob/93c58e39cf0512d0920c37a40026a6aa5f1ff26b/bcel-builder/src/org/aspectj/apache/bcel/util/ClassLoaderRepository.java

line 317 doesn't use ==