Ham*_*Lin 5 java spring spring-mvc fortify
我遇到了一个问题。我们在我的项目中使用 Spring MVC 框架,但 Spring MVC 默认控制器是单例模型。我通过会话更改控制器使用 @Scope("session") 以避免竞争条件问题(每个人都有自己的控制器)。
@Controller
@Scope("session")
public class AP0Controller extends BaseController {
@Autowired
GnRecService gnRecService;
Integer seq = null;//Global variable
@RequestMapping(value = "/agn/AP1W01A_004", method=RequestMethod.GET)
public ModelAndView welcomeGrid(@RequestParam("payType")String payType){
seq = gnRecService.findTheLastPK(payType);
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
return view;
}
public ModelAndView showPk() {
seq +=2;
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
view.addObject("seq",seq)
return view;
}
}
HP Fortify 扫描后,报告指出这将导致竞争条件。我该如何解决并通过问题?
seq +=2;//Race Condition: Singleton Member Field
小智 0
尝试重新设计您的控制器以不将状态放入其中。或者你可以考虑使用 AtomicInteger
AtomicInteger seq = new AtomicInteger();//Global variable
@RequestMapping(value = "/agn/AP1W01A_004", method=RequestMethod.GET)
public ModelAndView welcomeGrid(@RequestParam("payType")String payType){
seq.set(gnRecService.findTheLastPK(payType));
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
return view;
}
public ModelAndView showPk() {
final int localSeq = seq.addAndGet(2);
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
view.addObject("seq",localSeq)
return view;
}
| 归档时间: |
|
| 查看次数: |
15647 次 |
| 最近记录: |