如何解决Fortify竞赛条件:Singleton Member Field问题
我遇到问题了。我们在我的项目中使用Spring MVC框架,但是Spring MVC的默认Controller是Singleton
Model。我通过会话更改Controller使用@Scope(“ session”)以避免出现竞争状况问题(每个人都有自己的Controller)。
@Controller@Scope("session")
public class AP0Controller extends BaseController {
@Autowired
GnRecService gnRecService;
Integer seq = null;//Global variable
@RequestMapping(value = "/agn/AP1W01A_004", method=RequestMethod.GET)
public ModelAndView welcomeGrid(@RequestParam("payType")String payType){
seq = gnRecService.findTheLastPK(payType);
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
return view;
}
public ModelAndView showPk() {
seq +=2;
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
view.addObject("seq",seq)
return view;
}
}
经过HP Fortify扫描后,报告指出这将导致竞态条件。如何解决并解决问题?
seq +=2;//Race Condition: Singleton Member Field回答:
尝试重新设计控制器,使其不进入状态。另外,您可以考虑使用AtomicInteger
AtomicInteger seq = new AtomicInteger();//Global variable@RequestMapping(value = "/agn/AP1W01A_004", method=RequestMethod.GET)
public ModelAndView welcomeGrid(@RequestParam("payType")String payType){
seq.set(gnRecService.findTheLastPK(payType));
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
return view;
}
public ModelAndView showPk() {
final int localSeq = seq.addAndGet(2);
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
view.addObject("seq",localSeq)
return view;
}
以上是 如何解决Fortify竞赛条件:Singleton Member Field问题 的全部内容, 来源链接: utcz.com/qa/435703.html
