Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Static analysis tool for String.format #87166

Open
pgomulka opened this issue May 26, 2022 · 8 comments
Open

Static analysis tool for String.format #87166

pgomulka opened this issue May 26, 2022 · 8 comments
Labels
:Core/Infra/Logging Log management and logging utilities :Delivery/Tooling Developer tooliing and automation >enhancement Team:Core/Infra Meta label for core/infra team Team:Delivery Meta label for Delivery team

Comments

@pgomulka
Copy link
Contributor

Description

String.format can throw RuntimeException when a format has more place holders than provided arguments. If more arguments is provided, it silently return a result.
When a String.format is used in logging, more importantly in delayed execution for instance

logger.trace(()->String.format("%s %s", "hello"))

it will not fail when tested without logging level set to trace.

ES should use a static analysis to find out usages of String.format like this (and the Strings.format which is a utility in core)
Sonarqube has a rule for this, maybe it could be adopted?
https://rules.sonarsource.com/java/RSPEC-2275
@pgomulka pgomulka added >enhancement :Core/Infra/Logging Log management and logging utilities labels May 26, 2022
@elasticmachine elasticmachine added the Team:Core/Infra Meta label for core/infra team label May 26, 2022
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-core-infra (Team:Core/Infra)

This was referenced May 26, 2022
Merged
Open
@pugnascotia pugnascotia added the :Delivery/Tooling Developer tooliing and automation label Jun 8, 2022
@elasticmachine elasticmachine added the Team:Delivery Meta label for Delivery team label Jun 8, 2022
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-delivery (Team:Delivery)

@mark-vieira
Copy link
Contributor

IntelliJ has an inspection for this, but it's not an error so this can still slip into the codebase. I suspect we could write a custom checkstyle rule for this.

@pugnascotia
Copy link
Contributor

Do we not already have some prior art with ESLoggerUsageChecker? It's doing a similar thing, I think?

@pgomulka
Copy link
Contributor Author

pgomulka commented Jun 9, 2022

Do we not already have some prior art with ESLoggerUsageChecker? It's doing a similar thing, I think?

we do, but extending ESLoggerUsageChecker to work with String.format is a lot of work. This is because Logger would just allow for {} but String.format allows for a lot of different % quantifiers https://docs.oracle.com/javase/7/docs/api/java/util/Formatter.html
We would have to duplicate a lot of validation logic that is performed in String.format now and I wanted to avoid this. https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/java/util/Formatter.java#L2806\

ESLoggerUsageChecker in itself is not easy to extend. If there is a easier to adopt tool it would save us a lot of effort

@pugnascotia
Copy link
Contributor

Sorry, I didn't mean to suggest that we extend ESLoggerUsageChecker, just that we have written code to do this sort of checking before.

@joegallo
Copy link
Contributor

Related to #103186

@joegallo joegallo mentioned this issue Jan 25, 2024
Open
@joegallo
Copy link
Contributor

I suppose the best version of this would handle org.elasticsearch.common.Strings.format and org.elasticsearch.core.Strings.format, too.

This was referenced Jan 25, 2024
Merged
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
:Core/Infra/Logging Log management and logging utilities :Delivery/Tooling Developer tooliing and automation >enhancement Team:Core/Infra Meta label for core/infra team Team:Delivery Meta label for Delivery team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@joegallo @mark-vieira @grcevski @pugnascotia @pgomulka @elasticmachine