JD.VNU
JD.VNU shows that the value assigned to a variable was never read after assignment.
Vulnerability and risk
In most cases, it is just less than optimal code, but sometimes, it can signify a major logical error when a value is set up, but never actually used.
Mitigation and prevention
Optimize the code and remove the unused assignments.
Example 1
13 boolean checkArray(int arr[]) {
14 for (int i = 0; i < arr.length; i++) {
15 int item = arr[i];
16 String hexString = Integer.toHexString(item);
17 if (i % 2 == 0) {
18 return true;
19 }
20 }
21 return false;
22 }
JD.VNU is reported for line 16: a hexString is created for each 'item' in the array, though it is never used afterwards.
Example 2
13 private long getTimeLen(long arr[]) {
14 long time1 = 0;
15 long time2 = 0;
16 long len = 0;
17 for (int i = 0; i < arr.length; i += 2) {
18 time1 = arr[i];
19 time1 = arr[i + 1];
20 if (time1 < time2) {
21 long d = time1 - time2;
22 if (d > len) {
23 len = d;
24 }
25 }
26 }
27 return len;
28 }
JD.VNU is reported for two assignments in the snippet:
- assignment on line 14: this operation pointless and unoptimal since 'time1' is overwritten on line 18.
- assignment on line 18: the developer intended to initialize 'time2' variable but used 'time1' instead.
