如何解决Fortify竞赛条件:Singleton Member Field问题 [英] How to fix Fortify Race Condition: Singleton Member Field issue
问题描述
我遇到问题. 我们在我的项目中使用Spring MVC框架,但是Spring MVC的默认Controller是Singleton Model. 我通过会话更改Controller使用@Scope("session")以避免出现竞争状况问题(每个人都有自己的Controller).
I encounter a problem. we use Spring MVC framework in my Project,but Spring MVC default Controller is Singleton Model. I change Controller use @Scope("session") by session to avoid race Condition problem(everyone has own Controller).
@Controller
@Scope("session")
public class AP0Controller extends BaseController {
@Autowired
GnRecService gnRecService;
Integer seq = null;//Global variable
@RequestMapping(value = "/agn/AP1W01A_004", method=RequestMethod.GET)
public ModelAndView welcomeGrid(@RequestParam("payType")String payType){
seq = gnRecService.findTheLastPK(payType);
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
return view;
}
public ModelAndView showPk() {
seq +=2;
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
view.addObject("seq",seq)
return view;
}
}
由HP Fortify扫描后,报告指出这将导致竞态. 如何解决并解决问题?
After Scanned By HP Fortify,the report indicated this will cause Race Condition. How can I fix it and pass the issue?
seq +=2;//Race Condition: Singleton Member Field
推荐答案
请尝试重新设计控制器,使其不放入状态. 另外,您可以考虑使用AtomicInteger
Try do redesign your controller to not put state in it. Alternatively you can think about using AtomicInteger
AtomicInteger seq = new AtomicInteger();//Global variable
@RequestMapping(value = "/agn/AP1W01A_004", method=RequestMethod.GET)
public ModelAndView welcomeGrid(@RequestParam("payType")String payType){
seq.set(gnRecService.findTheLastPK(payType));
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
return view;
}
public ModelAndView showPk() {
final int localSeq = seq.addAndGet(2);
ModelAndView view = new ModelAndView(".agn.AP1W01A_004");
view.addObject("seq",localSeq)
return view;
}
这篇关于如何解决Fortify竞赛条件:Singleton Member Field问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!