Page tree
Skip to end of metadata
Go to start of metadata

这个页面展示了CISQ/OMG质量测量规则在系统技术层面上的覆盖,这些应用基于CAST AIP支持的ABAP技术SAP SQL。ABAP和SAP SQL是许多应用中使用的常见技术堆栈的一个示例。必要时CAST可以帮助为其它技术组合创建CISQ覆盖率的概述。

OMG 特征OMG 规则 Id 和名称级别AIP QR IdAIP QR 名称范围说明源技术
MaintainabilityASCMM-MNT-02: Class Element Excessive Inheritance of Class Elements with Concrete Implementation  Technology-

ABAP / SAP SQL
MaintainabilityASCMM-MNT-04: Callable and Method Control Element Number of Outward CallsSystem / Technology / Unit7778Avoid Artifacts with High Fan-Out直接执行规则。ABAP / SAP SQL
MaintainabilityASCMM-MNT-07: Inter-Module Dependency CyclesTechnologyN/A
ABAP开发中没有模块。包以层次结构组织。ABAP / SAP SQL
MaintainabilityASCMM-MNT-09: Horizontal Layer Excessive NumberSystemACArchitecture Checker在定义架构时,会检测到过多的层。ABAP / SAP SQL
MaintainabilityASCMM-MNT-10: Named Callable and Method Control Element Multi-Layer SpanSystemACArchitecture Checker在定义架构时,将检测跨多个层的组件。ABAP / SAP SQL
MaintainabilityASCMM-MNT-12: Named Callable and Method Control Element with Layer-skipping CallSystemACArchitecture Checker使用架构检查器定义架构并指定层之间的授权链接允许使用跳过层的调用精确定位组件。ABAP / SAP SQL
Ma-intainabilityASCMM-MNT-17: Class Element Excessive Inheritance LevelTechnology7802Avoid Classes with a High Depth of Inheritance Tree直接执行规则。ABAP / SAP SQL
MaintainabilityASCMM-MNT-18: Class Element Excessive Number of ChildrenTechnology7792Avoid Classes with a High Number Of Children直接执行规则。ABAP / SAP SQL
MaintainabilityASCMM-MNT-20: Unreachable Named Callable or Method Control ElementSystem / Technology7860Avoid unreferenced Functions and Stored Procedures直接执行规则。ABAP / SAP SQL
MaintainabilityASCMM-MNT-20: Unreachable Named Callable or Method Control ElementSystem / Technology7908Avoid unreferenced Methods直接执行规则。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-04: Data Resource Read and Write Access Excessive ComplexitySystem / Technology / Unit7808Avoid Artifacts with SQL statement including subqueries子查询增加了SQL查询的复杂性。这个AIP规则检查嵌套的SQL查询。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-05: Data Resource Read Access Unsupported by Index ElementSystem / Technology / Unit7870Avoid using the NOT LIKE operator in WHERE clauses在条件中使用负运算符可以防止在SQL查询中使用索引。这个AIP规则检查在WHERE子句中使用NOT LIKE的查询。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-05: Data Resource Read Access Unsupported by Index ElementSystem / Technology / Unit7878Avoid Open SQL SELECT queries without WHERE condition没有条件的查询不使用索引并执行全表扫描。这个AIP规则检查没有WHERE子句的查询。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-05: Data Resource Read Access Unsupported by Index ElementSystem / Technology / Unit7902Avoid SQL queries that no index can support直接执行规则。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-05: Data Resource Read Access Unsupported by Index ElementSystem / Technology / Unit7904Avoid SQL queries on XXL tables that no index can support直接执行规则,但应用于具有大量行的数据库表。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-08: Control Elements Requiring Significant Resource Element within Control Flow Loop BlockSystem / Technology / Unit7424Avoid using SQL queries inside a loopSQL查询在资源方面可能很昂贵。这个AIP规则检查在循环中执行的查询。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-08: Control Elements Requiring Significant Resource Element within Control Flow Loop BlockSystem / Technology / Unit7880Avoid nested loopsOMG规则是为嵌套循环实现的。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-09: Non-Stored SQL Callable Control Element with Excessive Number of Data Resource AccessTechnology / Unit7544Avoid using SELECT ... ENDSELECT statement选择. .众所周知,ENDSELECT语句会影响数据库访问中的性能。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-10: Non-SQL Named Callable and Method Control Element with Excessive Number of Data Resource AccessSystem-

ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-11: Data Access Control Element from Outside Designated Data Manager ComponentSystem / TechnologyACArchitecture Checker使用架构检查器定义架构并指定层之间的授权链接允许使用跳过层的调用精确定位组件。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-12: Storable and Member Data Element Excessive Number of Aggregated Storable and Member Data ElementsTechnology / Unit7424Avoid using SQL queries inside a loopSQL查询在资源方面可能很昂贵。这个AIP规则检查在循环中执行的查询。ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-14: Storable and Member Data Element Memory Allocation Missing De-Allocation Control ElementTechnology / Unit-

ABAP / SAP SQL
Performance EfficiencyASCPEM-PRF-15: Storable and Member Data Element Reference Missing De-Referencing Control ElementTechnology / Unit-

ABAP / SAP SQL
ReliabilityASCRM-CWE-120: Buffer Copy without Checking Size of InputTechnology / Unit-

ABAP / SAP SQL
ReliabilityASCRM-CWE-252-data: Unchecked Return Parameter Value of named Callable and Method Control Element with Read, Write, and Manage Access to Data ResourceSystem / Technology / Unit7520Avoid unchecked return code (SY-SUBRC) after OPEN SQL or READ statement直接实现ABAP内部表和数据库表的访问规则。ABAP / SAP SQL
ReliabilityASCRM-CWE-704: Incorrect Type Conversion or CastTechnology / Unit-

ABAP / SAP SQL
ReliabilityASCRM-CWE-772: Missing Release of Resource after Effective LifetimeTechnology / Unit-

ABAP / SAP SQL
ReliabilityASCRM-CWE-788: Memory Location Access After End of BufferTechnology / Unit-

ABAP / SAP SQL
ReliabilityASCRM-RLB-02: Serializable  Storable Data Element without Serialization Control ElementTechnology / UnitN/A
此规则不适用于ABAP语言。ABAP / SAP SQL
ReliabilityASCRM-RLB-03: Serializable Storable Data Element with non-Serializable Item ElementsTechnology / UnitN/A
此规则不适用于ABAP语言。ABAP / SAP SQL
ReliabilityASCRM-RLB-04: Persistant  Storable Data Element without Proper Comparison Control ElementTechnology / Unit-

ABAP / SAP SQL
ReliabilityASCRM-RLB-05: Runtime Resource Management Control Element in a Component Built to Run on Application ServersTechnology / Unit-

ABAP / SAP SQL
ReliabilityASCRM-RLB-10: Data Access Control Element from Outside Designated Data Manager ComponentSystem / TechnologyACArchitecture Checker使用架构检查器定义架构并指定层之间的授权链接允许使用跳过层的调用精确定位组件。ABAP / SAP SQL
ReliabilityASCRM-RLB-11: Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element Technology-

ABAP / SAP SQL
ReliabilityASCRM-RLB-13: Inter-Module Dependency CyclesTechnology-

ABAP / SAP SQL
ReliabilityASCRM-RLB-14: Parent Class Element with References to Child Class ElementTechnology7934Avoid Superclass (or Interface) knowing Subclass (or Interface)直接执行规则。ABAP / SAP SQL
SecurityASCSM-CWE-022: Path Traversal Improper Input NeutralizationSystem / Technology-

ABAP / SAP SQL
SecurityASCSM-CWE-078: OS Command Injection Improper Input NeutralizationSystem / Technology-

ABAP / SAP SQL
SecurityASCSM-CWE-079: Cross-site Scripting Improper Input NeutralizationSystem / Technology-

ABAP / SAP SQL
SecurityASCSM-CWE-089: SQL Injection Improper Input NeutralizationSystem / Technology-

ABAP / SAP SQL
SecurityASCSM-CWE-99: Name or Reference Resolution Improper Input NeutralizationSystem / Technology / Unit-

ABAP / SAP SQL
SecurityASCSM-CWE-120: Buffer Copy without Checking Size of InputTechnology / Unit-

ABAP / SAP SQL
SecurityASCSM-CWE-129: Array Index Improper Input NeutralizationSystem / Technology-

ABAP / SAP SQL
SecurityASCSM-CWE-134: Format String Improper Input NeutralizationSystem / Technology-

ABAP / SAP SQL
SecurityASCSM-CWE-434: File Upload Improper Input NeutralizationSystem / Technology-

ABAP / SAP SQL
SecurityASCSM-CWE-606: Unchecked Input for Loop ConditionSystem / Technology-

ABAP / SAP SQL
SecurityASCSM-CWE-667: Shared Resource Improper LockingTechnology-

ABAP / SAP SQL
SecurityASCSM-CWE-672: Expired or Released Resource UsageTechnology / Unit-

ABAP / SAP SQL
SecurityASCSM-CWE-681: Numeric Types Incorrect ConversionTechnology / Unit8114Avoid numerical data corruption during incompatible mutation用于类型char、date、float和packed的OMG规则的实现。ABAP / SAP SQL
SecurityASCSM-CWE-772: Missing Release of Resource after Effective LifetimeTechnology / Unit-

ABAP / SAP SQL
SecurityASCSM-CWE-789: Uncontrolled Memory AllocationSystem / TechnologyN/A
此规则不适用于ABAP语言。ABAP / SAP SQL
SecurityASCSM-CWE-798: Hard-Coded Credentials Usage for Remote AuthenticationTechnology / Unit-

ABAP / SAP SQL
SecurityASCSM-CWE-835: Loop with Unreachable Exit Condition (Infinite Loop)Technology / Unit-

ABAP / SAP SQL

针对C++和Microsoft SQL应用的单元层CISQ/OMG质量测量规则详见:针对ABAP和SAP SQL应用的CISQ/OMG自动化源代码测量标准覆盖 - 单元层

  • No labels