Created by James Hurrell, last modified by N Padmavathi on May 29, 2020
This documentation is not maintained. Please refer to doc.castsoftware.com/technologies to find the latest updates.

CAST AIP Service Packs 8.3.20 - 8.3.23 are compatible only with the latest releases of the JEE Analyzer extension, i.e. 1.0.28 and 1.2.10-funcrel. Using older releases of the extension with these CAST AIP Service Packs risks incomplete analysis results (missing objects, links, violations, erroneous FP values) for JEE and C++ analyses.

Therefore, when using CAST AIP Service Packs 8.3.20 - 8.3.23, please either:

  • Upgrade your JEE extension to a compatible release (i.e. ≥ 1.0.28 or ≥ 1.2.10-funcrel) OR
  • Upgrade CAST AIP to a more recent Service Pack (≥ 8.3.24) which are compatible with older releases of the JEE Analyzer extension

If upgrading the JEE Analyzer extension or CAST AIP is not possible, please contact CAST Technical Support

Updates

The following rules have been modified:

Rule IDRule nameChange
4700Avoid using 'Throwable.printStackTrace()' within a try catch block

This rule has been marked as DELETED and merged with 4702 - Avoid using 'Throwable.printStackTrace()' outside a try catch block.

4702Avoid using 'Throwable.printStackTrace()' outside a try catch blockThe rule name has been changed to Avoid using 'Throwable.printStackTrace()' with no argument.
8104Close database resources ASAPTotal scope has been updated to: Constructor, method, JV_INIT, generic method, generic Constructor, annotation method, lambda
8214CWE-672: Expired or Released Resource should not be usedTotal scope has been updated to: Constructor, method, JV_INIT, generic method, generic Constructor, annotation method, lambda
8216

Avoid numerical data corruption during incompatible mutation

Total scope has been updated to: All artifacts that can reference an incompatible mutation which includes methods, lambdas and constructors
Note that after an upgrade to this release of the extension and the generation of a post-upgrade consistency snapshot on unchanged source code, rule results may be impacted.

Resolved issues

The following issues have been fixed in this release of the JEE Analyzer extension:

Internal IDTicket IDSummary
JFAMILY-122614684Incorrect results (number of total checks) for the rule "Avoid double checked locking - 7446". Due to a bug in the total procedure used to generate the results of this rule, the number of total checks was erroneous. After an upgrade and the generation of a new snapshot, expect changes in results for this rule (improved accuracy).
JFAMILY-99815904JEE analysis warning -Exception: EXCEPTION_ACCESS_VIOLATION
JFAMILY-99515578Run methods are not identified by Standard Entry Point
JFAMILY-98815496TCC shows OutputStream instead of OutputStream
JFAMILY-98315567JEE warning- Log the exception information: Exception: EXCEPTION_ACCESS_VIOLATION
JFAMILY-97114924Scope is too small of rule- CWE-681: Avoid numerical data corruption during incompatible mutation
JFAMILY-954 -Support hibernate 4/5 for the QR CWE-672 Expired or Released Resource should not be used
JFAMILY-88314759 Analysis failed with the error "Procedure call failed: ?eb3_oms_local.CACHE_FLUSHDATA,I_IDSESSION
JFAMILY-86014490 False Positive coming for rule "Avoid using 'Throwable.printStackTrace()' outside a try catch block"
JFAMILY-80312977Wrong book mark shown for the violation Avoid testing floating point numbers
JFAMILY-665 -Embedded Java in JSP not resolved