JD.ST.POS
JD.ST.POS is found when the result of a String.indexOf(..) method is checked for greater than 0.
Vulnerability and risk
The method String.indexOf(..) returns the zero-based position of the found symbol, or -1 if it is not found, so a check for greater than 0 is most likely incorrect: it misses every case where the symbol is first in the string.
Mitigation and prevention
Replace a check for >0 with a check for ==-1, or >=0.
Example 1
    public boolean checkFile(String file) {
        if (file.indexOf("/")>0) {
            return true;
        }
        return false;
    }
JD.ST.POS is reported for the call on line 10: Result of method 'indexOf' should be checked for >=0 or <0 instead of >0.
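The following added example (not part of the original checker documentation) runs the flagged check from Example 1 next to the corrected >=0 form and marks the inputs where they disagree. The class name, method names and sample strings are constructed for illustration.

```java
public class IndexOfCheck {

    // The check from Example 1, which JD.ST.POS reports:
    // a "/" at index 0 is treated as "not found".
    static boolean checkFileFlagged(String file) {
        return file.indexOf("/") > 0;
    }

    // Corrected check: indexOf returns -1 when the symbol is absent,
    // so any result >= 0 means it is present, including at index 0.
    static boolean checkFileFixed(String file) {
        return file.indexOf("/") >= 0;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: no separator, separator in the
        // middle, separator first, separator only, empty string.
        String[] samples = {
            "report.txt",
            "docs/report.txt",
            "/report.txt",
            "/",
            ""
        };

        for (String s : samples) {
            boolean flagged = checkFileFlagged(s);
            boolean fixed = checkFileFixed(s);
            // The two checks differ only when the first "/" is at index 0.
            String note = (flagged != fixed) ? "  <-- checks disagree" : "";
            System.out.printf("%-20s >0: %-6b >=0: %-6b%s%n",
                    "\"" + s + "\"", flagged, fixed, note);
        }
    }
}
```

If a check like this guards a decision such as rejecting names that contain a path separator, the inputs marked as disagreeing are the ones the >0 form lets through.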