sonar-dotnet icon indicating copy to clipboard operation
sonar-dotnet copied to clipboard

Published 20 hours ago verified publisher icon SonarSource

Fix S3900 FP: Recognize ArgumentNullException.ThrowIfNull()

Open bart-vmware opened this issue 3 years ago • 5 comments

Description

S3900 (Arguments of public methods should be validated against null) does not recognize the usage of ArgumentNullException.ThrowIfNull(), which was added in .NET 6.

Repro steps

public class Example
{
    public void Run(string name)
    {
        ArgumentNullException.ThrowIfNull(name);

        int len = name.Length; // FP S3900
    }
}

image

Expected behavior

No warning reported.

Actual behavior

Warning reported.

Known workarounds

Suppress S3900.

Related information

  • C#/VB.NET Plugins version: SonarAnalyzer.CSharp (NuGet package) v8.40.0.48530
  • Visual Studio version: Microsoft Visual Studio Community 2022 (64-bit) v17.2.3
  • MSBuild version: Microsoft (R) Build Engine version 17.2.1+52cd2da31 for .NET Framework, v17.2.1.25201
  • dotnet version: v6.0.300
  • SonarScanner for .NET version (if used): ?
  • Operating System: Windows 10 Enterprise 21H2 x64 ENU, v19044.1706

bart-vmware avatar Jun 12 '22 19:06 bart-vmware

Hi @bart-vmware,

Thank you for reporting this, I confirm it as FP. We plan to fix it as part of MMF-2401 (not a public link, unfortunately)

pavel-mikula-sonarsource avatar Jun 13 '22 06:06 pavel-mikula-sonarsource

The same issue applies to:

  • S4456: Parameter validation in yielding methods should be wrapped
  • S4457: Parameter validation in "async"/"await" methods should be wrapped

I couldn't find a product roadmap. Do you have any idea or rough estimation when this will be released?

Edit: mentioned S4456 twice, instead of S4456 and S4457.

bart-vmware avatar Jun 14 '22 10:06 bart-vmware

Please create a new issue with reproducers for the S4456. That has a different root cause (and might be way easier to fix).

There's no official ETA for the MMFs. My guess is that MMF-2401 will be available in 3rd analyzer release from now. We release roughly every 3-4 weeks.

pavel-mikula-sonarsource avatar Jun 14 '22 12:06 pavel-mikula-sonarsource

Thanks, that estimation is helpful. I've created #5744 for S4456/S4457.

bart-vmware avatar Jun 15 '22 07:06 bart-vmware

see also #6083

martin-strecker-sonarsource avatar Sep 13 '22 11:09 martin-strecker-sonarsource

The implementation should also cover ArgumentException.ThrowIfNullOrEmpty

pavel-mikula-sonarsource avatar Feb 27 '23 14:02 pavel-mikula-sonarsource

It's hard to accept, that this is not fixed in the current 9.9 LTS. As the next LTS will be in around 18 month, i.e. autumn 2024, then the next .NET 8 LTS with C# 12 will be deliverd for several months. And SonarQube we can no longer update the scanners of an installed SonarQube server.

milbrandt avatar Mar 08 '23 18:03 milbrandt

ArgumentNullException.ThrowIfNull() is supported by S3900 in version 8.56 of the analyzer. The issue stays open until https://github.com/SonarSource/sonar-dotnet/pull/7039 is merged which contains test coverage for the feature.

martin-strecker-sonarsource avatar Apr 20 '23 15:04 martin-strecker-sonarsource

I am on Version 9.9.3 (build 79811) (selfhosted) and ArgumentNullException.ThrowIfNull is not recognized. e.g. code like this:

string Method(string parameter)
{
  ArgumentNullException.ThrowIfNull(parameter);
  return paramter.ToUpper();
}
Still produces S3900.

Mrxx99 avatar Dec 12 '23 16:12 Mrxx99