这个页面展示了CISQ/OMG质量测量规则在系统和技术层面上的覆盖,这些应用基于CAST AIP支持的ABAP技术和SAP SQL。ABAP和SAP SQL是许多应用中使用的常见技术堆栈的一个示例。必要时CAST可以帮助为其它技术组合创建CISQ覆盖率的概述。
OMG 特征 | OMG 规则 Id 和名称 | 级别 | AIP QR Id | AIP QR 名称 | 范围说明 | 源技术 |
---|---|---|---|---|---|---|
Maintainability | ASCMM-MNT-02: Class Element Excessive Inheritance of Class Elements with Concrete Implementation | Technology | - | ABAP / SAP SQL | ||
Maintainability | ASCMM-MNT-04: Callable and Method Control Element Number of Outward Calls | System / Technology / Unit | 7778 | Avoid Artifacts with High Fan-Out | 直接执行规则。 | ABAP / SAP SQL |
Maintainability | ASCMM-MNT-07: Inter-Module Dependency Cycles | Technology | N/A | ABAP开发中没有模块。包以层次结构组织。 | ABAP / SAP SQL | |
Maintainability | ASCMM-MNT-09: Horizontal Layer Excessive Number | System | AC | Architecture Checker | 在定义架构时,会检测到过多的层。 | ABAP / SAP SQL |
Maintainability | ASCMM-MNT-10: Named Callable and Method Control Element Multi-Layer Span | System | AC | Architecture Checker | 在定义架构时,将检测跨多个层的组件。 | ABAP / SAP SQL |
Maintainability | ASCMM-MNT-12: Named Callable and Method Control Element with Layer-skipping Call | System | AC | Architecture Checker | 使用架构检查器定义架构并指定层之间的授权链接允许使用跳过层的调用精确定位组件。 | ABAP / SAP SQL |
Ma-intainability | ASCMM-MNT-17: Class Element Excessive Inheritance Level | Technology | 7802 | Avoid Classes with a High Depth of Inheritance Tree | 直接执行规则。 | ABAP / SAP SQL |
Maintainability | ASCMM-MNT-18: Class Element Excessive Number of Children | Technology | 7792 | Avoid Classes with a High Number Of Children | 直接执行规则。 | ABAP / SAP SQL |
Maintainability | ASCMM-MNT-20: Unreachable Named Callable or Method Control Element | System / Technology | 7860 | Avoid unreferenced Functions and Stored Procedures | 直接执行规则。 | ABAP / SAP SQL |
Maintainability | ASCMM-MNT-20: Unreachable Named Callable or Method Control Element | System / Technology | 7908 | Avoid unreferenced Methods | 直接执行规则。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-04: Data Resource Read and Write Access Excessive Complexity | System / Technology / Unit | 7808 | Avoid Artifacts with SQL statement including subqueries | 子查询增加了SQL查询的复杂性。这个AIP规则检查嵌套的SQL查询。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-05: Data Resource Read Access Unsupported by Index Element | System / Technology / Unit | 7870 | Avoid using the NOT LIKE operator in WHERE clauses | 在条件中使用负运算符可以防止在SQL查询中使用索引。这个AIP规则检查在WHERE子句中使用NOT LIKE的查询。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-05: Data Resource Read Access Unsupported by Index Element | System / Technology / Unit | 7878 | Avoid Open SQL SELECT queries without WHERE condition | 没有条件的查询不使用索引并执行全表扫描。这个AIP规则检查没有WHERE子句的查询。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-05: Data Resource Read Access Unsupported by Index Element | System / Technology / Unit | 7902 | Avoid SQL queries that no index can support | 直接执行规则。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-05: Data Resource Read Access Unsupported by Index Element | System / Technology / Unit | 7904 | Avoid SQL queries on XXL tables that no index can support | 直接执行规则,但应用于具有大量行的数据库表。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-08: Control Elements Requiring Significant Resource Element within Control Flow Loop Block | System / Technology / Unit | 7424 | Avoid using SQL queries inside a loop | SQL查询在资源方面可能很昂贵。这个AIP规则检查在循环中执行的查询。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-08: Control Elements Requiring Significant Resource Element within Control Flow Loop Block | System / Technology / Unit | 7880 | Avoid nested loops | OMG规则是为嵌套循环实现的。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-09: Non-Stored SQL Callable Control Element with Excessive Number of Data Resource Access | Technology / Unit | 7544 | Avoid using SELECT ... ENDSELECT statement | 选择. .众所周知,ENDSELECT语句会影响数据库访问中的性能。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-10: Non-SQL Named Callable and Method Control Element with Excessive Number of Data Resource Access | System | - | ABAP / SAP SQL | ||
Performance Efficiency | ASCPEM-PRF-11: Data Access Control Element from Outside Designated Data Manager Component | System / Technology | AC | Architecture Checker | 使用架构检查器定义架构并指定层之间的授权链接允许使用跳过层的调用精确定位组件。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-12: Storable and Member Data Element Excessive Number of Aggregated Storable and Member Data Elements | Technology / Unit | 7424 | Avoid using SQL queries inside a loop | SQL查询在资源方面可能很昂贵。这个AIP规则检查在循环中执行的查询。 | ABAP / SAP SQL |
Performance Efficiency | ASCPEM-PRF-14: Storable and Member Data Element Memory Allocation Missing De-Allocation Control Element | Technology / Unit | - | ABAP / SAP SQL | ||
Performance Efficiency | ASCPEM-PRF-15: Storable and Member Data Element Reference Missing De-Referencing Control Element | Technology / Unit | - | ABAP / SAP SQL | ||
Reliability | ASCRM-CWE-120: Buffer Copy without Checking Size of Input | Technology / Unit | - | ABAP / SAP SQL | ||
Reliability | ASCRM-CWE-252-data: Unchecked Return Parameter Value of named Callable and Method Control Element with Read, Write, and Manage Access to Data Resource | System / Technology / Unit | 7520 | Avoid unchecked return code (SY-SUBRC) after OPEN SQL or READ statement | 直接实现ABAP内部表和数据库表的访问规则。 | ABAP / SAP SQL |
Reliability | ASCRM-CWE-704: Incorrect Type Conversion or Cast | Technology / Unit | - | ABAP / SAP SQL | ||
Reliability | ASCRM-CWE-772: Missing Release of Resource after Effective Lifetime | Technology / Unit | - | ABAP / SAP SQL | ||
Reliability | ASCRM-CWE-788: Memory Location Access After End of Buffer | Technology / Unit | - | ABAP / SAP SQL | ||
Reliability | ASCRM-RLB-02: Serializable Storable Data Element without Serialization Control Element | Technology / Unit | N/A | 此规则不适用于ABAP语言。 | ABAP / SAP SQL | |
Reliability | ASCRM-RLB-03: Serializable Storable Data Element with non-Serializable Item Elements | Technology / Unit | N/A | 此规则不适用于ABAP语言。 | ABAP / SAP SQL | |
Reliability | ASCRM-RLB-04: Persistant Storable Data Element without Proper Comparison Control Element | Technology / Unit | - | ABAP / SAP SQL | ||
Reliability | ASCRM-RLB-05: Runtime Resource Management Control Element in a Component Built to Run on Application Servers | Technology / Unit | - | ABAP / SAP SQL | ||
Reliability | ASCRM-RLB-10: Data Access Control Element from Outside Designated Data Manager Component | System / Technology | AC | Architecture Checker | 使用架构检查器定义架构并指定层之间的授权链接允许使用跳过层的调用精确定位组件。 | ABAP / SAP SQL |
Reliability | ASCRM-RLB-11: Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element | Technology | - | ABAP / SAP SQL | ||
Reliability | ASCRM-RLB-13: Inter-Module Dependency Cycles | Technology | - | ABAP / SAP SQL | ||
Reliability | ASCRM-RLB-14: Parent Class Element with References to Child Class Element | Technology | 7934 | Avoid Superclass (or Interface) knowing Subclass (or Interface) | 直接执行规则。 | ABAP / SAP SQL |
Security | ASCSM-CWE-022: Path Traversal Improper Input Neutralization | System / Technology | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-078: OS Command Injection Improper Input Neutralization | System / Technology | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-079: Cross-site Scripting Improper Input Neutralization | System / Technology | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-089: SQL Injection Improper Input Neutralization | System / Technology | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-99: Name or Reference Resolution Improper Input Neutralization | System / Technology / Unit | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-120: Buffer Copy without Checking Size of Input | Technology / Unit | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-129: Array Index Improper Input Neutralization | System / Technology | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-134: Format String Improper Input Neutralization | System / Technology | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-434: File Upload Improper Input Neutralization | System / Technology | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-606: Unchecked Input for Loop Condition | System / Technology | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-667: Shared Resource Improper Locking | Technology | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-672: Expired or Released Resource Usage | Technology / Unit | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-681: Numeric Types Incorrect Conversion | Technology / Unit | 8114 | Avoid numerical data corruption during incompatible mutation | 用于类型char、date、float和packed的OMG规则的实现。 | ABAP / SAP SQL |
Security | ASCSM-CWE-772: Missing Release of Resource after Effective Lifetime | Technology / Unit | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-789: Uncontrolled Memory Allocation | System / Technology | N/A | 此规则不适用于ABAP语言。 | ABAP / SAP SQL | |
Security | ASCSM-CWE-798: Hard-Coded Credentials Usage for Remote Authentication | Technology / Unit | - | ABAP / SAP SQL | ||
Security | ASCSM-CWE-835: Loop with Unreachable Exit Condition (Infinite Loop) | Technology / Unit | - | ABAP / SAP SQL |
针对C++和Microsoft SQL应用的单元层CISQ/OMG质量测量规则详见:针对ABAP和SAP SQL应用的CISQ/OMG自动化源代码测量标准覆盖 - 单元层。