Measure amount of WTFs per package or project

I created a library that measures amount of WTFs per package or project. This library is a by-product that derived from what I was doing few days ago:

I was dabbling with Java and decided to take a break. I came across a well know image that depicts code review session behind closed doors. The image called “The only valid measurement of code quality: WTF/minute”. I decided to make an extension to the latter concept.

This library brings you the ability to mark code smells in your source code (Classes, methods, fields etc.) with ‘WTF’ annotation. The WTF annotation accepts an arbitary message, if none provided, the default message ‘Dude.. WTF?!’ is used instead. When source compiles, the compiler generates a warning using the message from the detected annotation(s) and information about annotated element. The following is a sample output from compiling a class containing WTF annotations:

Warning: : In CLASS [wtf.per.project.model.DummyPojoImpl] :CLASS level => WTF?! Are you for real?! This naming convention is bad!
Warning: : In CLASS [wtf.per.project.model.DummyPojoImpl] : FIELD ‘SOME_CONSTANT’ => WTF?! What is this non-descriptive name?
Warning: : In CLASS [wtf.per.project.model.DummyPojoImpl] : CONSTRUCTOR ‘DummyPojoImpl(java.lang.String)’ => WTF?! Dude.. WTF?!

The library also provides a custom JUnit test runner class. The runner consumes package name, annotation class and search filter through @Grep annotation (used in conjunction with @RunWith). The runner scans .class files under the given package, its sub-packages and JARs for the given annotation (for example WTF.class) occurrences. If String regex pattern provided in @Grep, classes are filtered out from being scanned based on the filter. The runner uses a test class internally to assert whether the code is still infested with WTFs (or any other annotation class set in @Grep).

The analysis of .class files within given package, its sub-packages and any JAR files found is done using reflection. At first I was using third party library called ‘Reflections’ for this task (which is a very good tool btw!), but I ended up not using it anymore. I did not want to have third party dependencies and implemented my own meta data analysis in order to keep the library size small and lean. In the near future, I will extract the metadata analysis logic into a separate library. It should be quite flexible since there different .class file scanners in place. For example, scanner for constructors only or for method parameters, fields only etc.

So, if runner’s test assertion fails (given annotation like @WTF found present in the code), the test class generates metrics about how many WTFs are there and where. These metrics appended to the assertion failure message. For example, the following is the example of the custom JUnit runner:

@RunWith(WTFsPerProject.class) 
@Grep(packageName = "wtf.per.project.model", 
classNameFilter = ".*", annotationClass = WTF.class) 
public final class WTFsPerProjectRunner { }

I have few POJOs marked with WTF annoation, the following is the produced output after running the above runner:

Another example of the custom JUnit runner:

@RunWith(WTFsPerProject.class) 
//Grep only inner classes 
@Grep(packageName = "wtf.per.project.model", 
classNameFilter = ".*[$].*", annotationClass = WTF.class) 
public final class WTFsPerProjectRunner { }

Disclaimer

I created this library for fun. Nothing more. If someone actually decides to use it – great.

If you want you can fork it on Github

Please report if you experience any problems :)

Is TDD Only for … Junior Developers??

Just before the Easter holidays, I had a discussion with two senior developers from my project about TDD. These guys are experienced software engineers that have been around for some time: they have 11 and 20 years of experience in software development under their belts.

I don’t claim to be an advocate for TDD. Currently, I do not practice it (yet), but I do recognize and appreciate its importance. TDD really “forces” you to have clear understanding about the business requirements to be implemented. You cant implement what you do not understand, right? Because you have to write the test first, your code becomes more solid, less bug prune and you have better test coverage.

Sure, writing the test first its an interesting concept: You start writing a test, and you discoverer that you need a class, and possibly a function. You create the class, function and keep writing the test. Basically, you write few lines of test, and few lines of code, few more lines of test and few more lines of code etc. etc.

Ok, I think I diverted a bit, back to the topic :) The discussion took an interesting turn, and I still keep thinking about it. My question to them was – what do you think about TDD? The responses I received totally surprised me.

One of the claims supported by them, was that TDD does not serve much purpose, and a developer will end up re-factoring the unit tests eventually anyway as a result of re-factoring the concrete classes as the development goes on. So if latter is the case, my colleagues argued that there is no point writing unit tests first. Its better to finish writing concrete class, before attempting to write any unit tests.

Also, one of the developers claimed that many books and articles written on TDD discuss examples that are quite simple to implement, and in reality it is quite difficult to use TDD for complex business scenarios.

Another claim was that TDD should be used to teach junior developers the importance of unit testing, the experienced developers don’t really need to use it. The developers should follow KISS principles instead.

I respected their opinions about it, but it seemed fundamentally wrong to me that such experienced developers claim that TDD is basically overrated. The feeling that I got from them was that a lot of developers and software engineers in IT industry really got it wrong.

It got me wondering how, after more than ten years of experience in the industry, one does not appreciate one of the best software engineering practices around …

Offcourse, having said all that, I must point out that TDD is not suitable for every case. TDD can be effective only when it is clear what need to be implemented and there is a deep understanding of requirements.

How To Define a Spring Bean With Generics Parameter

At the time when this article was written, the Spring framework does not allow to define beans in application context xml file using parameterized classes. The reason for that is that generics parameters are compiler information, and not run-time. Compiler information is something that Spring does not care about. For example, the following (or something similar) will NOT work:

<bean id="someClass" class="asia.javabeans.SomeClass<asia.javabeans.Blah>"  />

Sometimes, this restriction can create a problem if you have a parameterized class that has to be loaded by Spring. As a workaround, create an empty child class that extends your parameterized class, and then use that class’s canonical name as your bean definition. Consider the following parameterized parent and the extending child classes:

public class SomeParent<Blah> {

}

public class Child extends SomeParent<Blah> {
   // Just an empty class
}

and your Spring definition can now look like this:

<bean id="childClass" class="asia.javabeans.Child" />

The down side here is that you get stuck with an empty class, but at least you can have your bean definition in your application context xml file.

Inheritance and Generics with Abstract Data Types

In this article, I want to demonstrate a simple inheritance example that uses generics.  The abstract parent class is generic in the type, and it defines an abstract method that accepts as a method parameter the generic data type.

The generic data type used by the extending child in the implementation of the abstract method. This example is going to discuss the benefit of this approach.

Consider the following parent class:

public abstract class Parent<T> {
    protected abstract void process(T data);
}

Consider the following two child classes that extend the parent:

public class Child extends Parent<SomeClass> {
    @Override
    public void process(SomeClass data) {
        // Do stuff
    }
}
public class AnotherChild extends Parent<OtherClass> {
    @Override
    public void process(OtherClass data) {
        // Do stuff
    }
}

You can clearly see how this approach creates flexibility when multiple child classes require different data type parameters when implementing the abstract method. Because of the generic type setting in the abstract method, any data type can be passed to the child. This approach can be particularly useful when implementing a strategy design pattern.

Brainteaser: Overridable methods

Consider the following case of inheritance:

public class  Parent {
   public Parent()  {
	getValue();
   }
   public void getValue()  {

   }
}

public class  Child extends Parent {
   private final Integer integer;
   public Child()  {
	integer = new Integer(888);
   }

   @Override
   public void getValue()  {
	System.out.println(integer);
   }
}

Question: What would the following program print, why?

public class  Test {
   public static void main(String[] args)  {
	Child child = new Child();
	child.getValue();
   }
}

Lets assume that getValue() implementation in Child class was changed to:

@Override
public void getValue()  {
     System.out.println(integer.toString());
}

Question: What would the output of the Test class be now, why?

Brainteaser: Broken Case of Inheritance

Consider the following case of inheritance:

public class ExtendingHashSet<E> extends HashSet<E>  {
   private int counter = 0;

   public ExtendingHashSet() {

   }

   @Override
   public boolean add(E e)  {
      counter++;
      return super.add(e);
   }

   @Override
   public boolean addAll(Collection&lt;? extends E&gt; c)  {
      counter += c.size();
      return super.addAll(c);
   }

   public int getCounter()  {
      return counter;
   }
}

Created instance:

ExtendingHashSet<String> s = new ExtendingHashSet<String>();
s.addAll(Arrays.asList("one", "two", "three"));

Question: What value would s.getCounter() method return at this point and why?

Looking forward for your answers dear readers

How to Prevent iFrame Breakaway

Few days ago I was searching for a solution to the problem I’ve encountered – I needed to prevent a third party page to break out of iframe inside a web page of my web application. For people who are not closely familiar with JavaScript, the following JS snippet will make it more clear how page can break out of iframe:

if (top.location.href != self.location.href)  {
    top.location.href = self.location.href;
}

If the current page is not the parent window – become the parent window.

I needed to implement something on my end, that would block or prevent the above script or similar to it from executing. I’ve spent several hours browsing the Net, talking to people on IRC and simply playing trial and error.

After some time, I understood that I wont be able to find a solution to my problem, simply because there is none unfortunately. But, having said that, I have some findings to share:

  1. There is iframe security attribute which only works on IE. Setting this attribute to security=”restricted”, will prevent iframe to break out. Its always “nice” to see that MS have few tricks up their sleeve :). Also, on one of the forums, someone mentioned that the same attribute will work under Opera as well as under IE. I personally haven’t tested it my self under Opera, I can just say that it works for IE and not FF.
  2. To make use of window.onbeforeunload event and prompt user with a dialog that requires user’s input if he agrees to navigate away from the current page. If user disagrees (clicks “cancel”), he will remain on the current page. So here in a sense iframe breakaway was canceled. By the way, there is no way to suppress the dialog prompt and make event from clicking “cancel” default.
  3. To grab the content of third party page using PHP Curl lib and to create your own placeholder page for that content. Then the placeholder page can be put inside iframe. The page or the grabbed content will not attempt to breakout, but any request submitted to the placeholder page (hyper link or button click on the grabbed content) will cause page to unload.

Also, while researching, I came across this post that talks about preventing iframe breakaway and click jacking with the help of 204 header response code.

After all that, my conclusion is:
If the page inside iframe is not yours, in other words it is a page hosted under another domain, its not possible actually to stop a page from unloading. Having something like that, would allow malicious sites to “trap” a user indefinitely.

I would love to hear any other suggestions regarding iframe breakout you may have dear readers.

Cheers

Java and Those Frameworks

I came across an interesting article that discusses today’s application developers making extensive use of different frameworks in their applications.

This is the writer’s opinion:

…Todays projects are over bloated from the use of frameworks that dont really produce a real benefit. Developers spend around 75% of their time just on set up and configuration…

The question I would like to ask you dear readers:
Do todays application developers really exaggerate the use of frameworks?

I think it would be a difficult question to answer. First some clarification is needed – what is exaggeration really? The number of frameworks used or the reduced performance as a result of use of these framework? Or the amount of time developer spends on installation and configuration?

I think first as a developer, one must understand the pros and cons of the framework, and how will it affect the performance of the application to be designed. The developer must have clear idea about what is he trying to achieve by using a particular framework in his application, and whether the framework is going to give him the desired result.

As a developer, when designing an application, one may ask questions which framework should be used depending on application’s requirements. Often the will not be just one framework choice, but several frameworks.

Of course not every developer may face the same situation mentioned above. Proprietary developers rely on leading market software vendors to provide the necessary solutions in one big product bundle.

One has to take several things into account such as future enhancements and possible requirements changes by the client. Using several frameworks to support an application may be look exaggerated at start, but on the long run it may turn out as a better decision. The time spent at the start on initial framework configuration will be paid off during further implementation and maintenance.

In conclusion, I think the ability to know which framework to put for use and when, can come only with experience.

Brainteaser: Broken Comparator

Question: The following program returns result “1″, which indicates that first Integer value is greater than the second, why?

import java.util.*;

public class Example  {

   public static void main(String[] args)  {
      System.out.println(&amp;quot;Result: &amp;quot; +
	   naturalOrder.compare(new Integer(90),
				new Integer(90)));
   }

private static Comparator&amp;lt;Integer&amp;gt; naturalOrder =
				new Comparator&amp;lt;Integer&amp;gt;()  {
   public int compare(Integer first, Integer second)  {
	return first &amp;lt; second ? -1 : (first == second ? 0 :1);
   }
  };
}

Please note:
In this case, comparator for natural order on Integer is written for example only, and in practice there is no need to write it.

Looking forward for your answers dear readers

Resources:
Effective Java

Hack any Java class using reflection attack

Have you ever thought how secure your application is? Well reflection attack can demonstrate how vulnerable Java classes are. In this post, I will try to apply reflection attack on a simple Java class to demonstrate vulnerabilities and what can be done to prevent it (in most cases).

Consider a POJO class:

public final class VictimClass  {

	private String password = "default_password";
	private static final int USER_ID = 3452678;
	private String privateFiled = "default_value";

	/**
	 * Private constructor that should
	 * not be invoked
	 */
	private VictimClass()  {
		System.out.println("Oops... " +
		"This private constructor was not " +
			" suppose to be invoked");
	}

	/**
	 * Private accessor
	 */
	private String getPassword()  {
		return password;
	}

	 /**
	 * Private mutator
	 */
	private void setPassword(String password)  {
		this.password = password;
	}

	 /**
	 * Private static method
	 */
	private static int getUsersId()  {
		return USER_ID;
	}
}

The POJO contains private constructor and several private methods and fields, which I will attempt to invoke and modify using reflection attack.

Now, I cannot say that reflection attacks are possible due to a Java bug. No, its simply how Java classes were designed. The core reflection facility was originally designed for component based application builder tools.

In java.lang.reflect, Constructor, Method and Field extend from parent AccessibleObject class. These objects provide access to the class’s methods and fields. By calling inherited parent method setAccessible(), private variables and methods including private constructors become accessible.

My tester class:

import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.lang.ClassNotFoundException;
import java.lang.InstantiationException;
import java.lang.IllegalAccessException;
import java.lang.reflect.InvocationTargetException;
import java.lang.NoSuchMethodException;

public class Tester  {

   private static String CLASS_NAME = "VictimClass";
   private static Class victimClass = null;
   private static Object victimClassObj = null;

   public static void main(String[] args)  {
	victimClass = loadClass(victimClass, CLASS_NAME);
	printClassStructure();
	attack();
   }

    private static Class loadClass(Class clazzor, String className)  {
 	Thread thread = Thread.currentThread();
	ClassLoader classLoader =
			thread.getContextClassLoader();

	try {
		clazzor = Class.forName(className, true, classLoader);
	}
	catch (ClassNotFoundException e) {
		System.err.println("Error: could not find class: "
			+ CLASS_NAME);
	}

	return clazzor;
   }

   private static void printClassStructure()  {

	Constructor[] constructors =
			victimClass.getDeclaredConstructors();
	for (Constructor c : constructors) {
		int modifier = c.getModifiers();
		System.out.println("Declared constructor name: " +
			c.getName() + "ntis accessible: " +
			c.isAccessible() + "ntis private: " +
			Modifier.isPrivate(modifier) + "n");
	}

	Method[] methods = victimClass.getDeclaredMethods();
	for (Method m : methods) {
		int modifier = m.getModifiers();
		System.out.println("Declared method name: " + m.getName() +
			"ntis accessible: " +
			m.isAccessible() +
			 "ntis private: " +
			Modifier.isPrivate(modifier) +
			 "ntis static: " +
			Modifier.isStatic(modifier) + "n");
	}

	Field[] fields = victimClass.getDeclaredFields();
	for (Field f : fields) {
		int modifier = f.getModifiers();
		System.out.println("Declared field name: " + f.getName() +
			"ntis accessible: " +
			f.isAccessible() +
			 "ntis private: " +
			Modifier.isPrivate(modifier) +
			 "ntis static: " +
			Modifier.isStatic(modifier) +
			 "ntis final: " +
			Modifier.isFinal(modifier) + "n");
	}
   }

   private static void attack()  {

     Field[] fields = victimClass.getDeclaredFields();
     Method[] methods = victimClass.getDeclaredMethods();
     Constructor[] constructors =
		victimClass.getDeclaredConstructors();
   //make constructor accessible
   constructors[0].setAccessible(true);

   System.err.println("Initiating reflection attack:");
   try {
   //create new object by invoking private constructor
   victimClassObj = constructors[0].newInstance(new Object[] {});

   //make static method accessible and get its value
   //please note: when invoking static method,
   //object represented by this Method is null
   methods[2].setAccessible(true);
   Object o = methods[2].invoke(null, new Object[] {});
   System.out.println("Got user ID from private static accessor: "
		 + o.toString());

   //make method accessible and get its value
   methods[0].setAccessible(true);
   o = methods[0].invoke(victimClassObj, new Object[] {});
   System.out.println("Got original password from private accessor: "
	+ o.toString());

   //make method accessible and set to it new value
   methods[1].setAccessible(true);
   System.out.println("Injecting new password using private mutator");
   methods[1].invoke(victimClassObj, new Object[] {"injected_password"});

   //get method's its new value
   o = methods[0].invoke(victimClassObj, new Object[] {});
   System.out.println("Got injected password from private accessor: "
	 + o.toString());

   //make field accessible and get its value
   fields[2].setAccessible(true);
   o = fields[2].get(victimClassObj);
   System.out.println("Got private field: " + o);

   //make field accessible and set to it new value
   System.out.println("Injecting value to a private field:");
   fields[2].set(victimClassObj, "new_default_value");

   //get field's its new value
   o = fields[2].get(victimClassObj);
   System.out.println("Got updated private field: " + o);

   //make field accessible and get its value
   fields[1].setAccessible(true);
   o = fields[1].get(victimClassObj);
   System.out.println("Got private static field: " + o);

   //make field accessible and set to it new value
   System.out.println("Injecting value to a private static final field:");
   fields[1].set(null, new Integer(2));

   //get field's its new value
   o = fields[1].get(victimClassObj);
   System.out.println("Got updated private static final field: " + o);

   }
   catch (InstantiationException e) {
	System.err.println("Error: could not instantiate: " + e);
   }

   catch (IllegalAccessException e) {
	System.err.println("Error: could not access: " + e);
   }

   catch (InvocationTargetException e) {
	System.err.println("Error: could not invoke the target: " + e);
   }
  }
}

The call to setAccessible() can be restricted if SecurityManager is set, then any attempt to call the method above will result in exception. If required, it is possible to grant permission java.reflect.ReflectPermission “suppressAccessChecks” using external java.policy file or by applying security policy programmatically. This permission will allow invocation of setAccessible(). My other post How to set SecurityManager and Java security policy programmatically explains how this can be achieved. Please note: by doing so, you can allow malicious access to your classes.

This is what happens when program executes:
I am using reflection, to get a print out of declared constructors, methods and fields. Following that, I am invoking private static and non-static method and attempting to change the value of private declared fields.

The program produces the following output:

Declared constructor name: VictimClass
        is accessible: false
        is private: true

Declared method name: setPassword
        is accessible: false
        is private: true
        is static: false

Declared method name: getUsersId
        is accessible: false
        is private: true
        is static: true

Declared method name: getPassword
        is accessible: false
        is private: true
        is static: false

Declared field name: password
        is accessible: false
        is private: true
        is static: false
        is final: false

Declared field name: USER_ID
        is accessible: false
        is private: true
        is static: true
        is final: true

Declared field name: privateFiled
        is accessible: false
        is private: true
        is static: false
        is final: false

Initiating reflection attack:
Oops... This private constructor was not  suppose to be invoked
Got user ID from private static accessor: 3452678
Got original password from private accessor: default_password
Injecting new password using private mutator
Got injected password from private accessor: injected_password
Got private field: default_value
Injecting value to a private field:
Got updated private field: new_default_value
Got private static field: 3452678
Injecting value to a private static final field:
Error: could not access: java.lang.IllegalAccessException: Field is final

As output shows above, it is not possible to set a value to the filed that is final. Therefore, it would be good idea to make fields final whenever possible. As it was shown before, it prevents reflection attack (when trying to set a new value), plus to that its good for performance optimization (memory allocation).

So what we got so far? When we have a POJO, it is possible to invoke private constructor, private static and non-static methods and change the value of private fields.

Enumerators on other hand do not allow invocation of their private constructors. An attempt to do so will result in IllegalArgumentException exception: “Cannot reflectively create enum objects”. Enums are safe against invocation of private constructors through reflection attacks.

Since enum object instances cannot be created through reflection, private non-static methods cannot be invoked. Having said that, it is still possible to invoke private static methods on enum using reflection, like on any other Java class.

Update: private non-static methods can be invoked on enum class, please refer to comments.

In conclusion, number of steps can be taken, in case someone really wants to prevent reflection attack on non-enum Java classes:

  1. Make fields final whenever possible
  2. Private constructor can throw an exception if there will be an attempt to invoke it.
  3. Applying security policy without ReflectPermission and setting security manager

I hope that I was descriptive enough here, I will appreciate your comments here.

The source code for this post was tested in my Eclipse and is attached.

Cheers