Missing position check before getting substring

Severity: Medium

Getting a substring outside the range of a string can cause an index-out-of-bounds exception.

Detector ID
java/missing-position-check-before-substring@v1.0
Category
Common Weakness Enumeration (CWE)
-

Noncompliant example

public void checkSubStringNoncompliant(String sampleString) {
    final String sampleSubstring = "sample";
    // lastIndexOf returns -1 when sampleSubstring does not occur in sampleString.
    final int index = sampleString.lastIndexOf(sampleSubstring);
    // Noncompliant: the index is not checked, so substring(0, -1) can throw.
    final String subString = sampleString.substring(0, index);
}

Compliant example

public void checkSubStringCompliant(String sampleString) {
    final String sampleSubstring = "sample";
    // lastIndexOf returns -1 when sampleSubstring does not occur in sampleString.
    final int index = sampleString.lastIndexOf(sampleSubstring);
    // Compliant: the index is checked before use. A match at position 0 is
    // still a match, so the test is index >= 0 rather than index > 0.
    final String subString = index >= 0 ? sampleString.substring(0, index) : sampleString;
}
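The same check applied to untrusted input, as an added example that is not part of the detector's documentation: it goes beyond the page's `lastIndexOf` case to a small header-line parser, where a missing separator would otherwise surface as an uncaught exception. The class and method names (`PositionCheckDemo`, `headerNameUnchecked`, `parseHeader`) and the sample lines are hypothetical.

```java
import java.util.List;
import java.util.Map;
import java.util.Optional;

public class PositionCheckDemo {

    // Unchecked: throws StringIndexOutOfBoundsException when ':' is absent,
    // because indexOf returns -1 and substring(0, -1) is out of range.
    static String headerNameUnchecked(String line) {
        return line.substring(0, line.indexOf(':'));
    }

    // Checked: a missing separator (-1) or an empty name (0) is rejected
    // instead of letting malformed input raise an exception.
    static Optional<Map.Entry<String, String>> parseHeader(String line) {
        if (line == null) {
            return Optional.empty();
        }
        final int sep = line.indexOf(':');
        if (sep <= 0) {
            return Optional.empty();
        }
        final String name = line.substring(0, sep).trim();
        if (name.isEmpty()) {
            return Optional.empty();
        }
        // sep + 1 <= line.length() always holds here, so this cannot throw;
        // a trailing ':' yields an empty value.
        final String value = line.substring(sep + 1).trim();
        return Optional.of(Map.entry(name, value));
    }

    public static void main(String[] args) {
        // Constructed sample input: one well-formed line and three edge cases.
        final List<String> lines = List.of(
                "Content-Type: text/plain", "no separator here", ": empty name", "X-Empty:");
        for (String line : lines) {
            String unchecked;
            try {
                unchecked = "\"" + headerNameUnchecked(line) + "\"";
            } catch (StringIndexOutOfBoundsException e) {
                unchecked = "threw " + e.getClass().getSimpleName();
            }
            final String checked = parseHeader(line)
                    .map(h -> h.getKey() + " => \"" + h.getValue() + "\"")
                    .orElse("rejected");
            System.out.printf("%-26s unchecked: %-40s checked: %s%n", line, unchecked, checked);
        }
    }
}
```

Here an index of 0 is rejected because an empty header name is invalid for this parser; whether 0 counts as valid depends on what the prefix means in the calling code.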