{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 干净又极端 的问题《Checking all conditions in a logical disjunction》','https://www.manongdao.com/q-946998.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I found the question in this line of code. Ignore the fact that this code does not make sense:
if (object != null || object.someMethod()) object.doSomething();
First I was thinking that this code will throw NullPointerException if object is null. But, this is a logical disjunction and if one of the conditions is true the whole condition is true. So the compiler doesn't checks the second condition and doesn't throws NullPointerException.
Is this Java Standard behavior or implementation specific? If the second case is true than this code is not secure.
It is Java standard behaviour. Logical OR (
||) is a "short-circuit" operator meaning it only evaluates what it needs to, to determine whether the entire condition is true or not. If you want to force evaluation of each guard use|.someMethodcould be a static method that returns true even though the object does not exist. Compiler should warn you.the
||is defined by Java to be a short-circuit operator. So if the first condition istrueit does not evaluate the second condition. This is distinct from the|operator which is NOT short-circuit. The reliance on short-circuit operators is VERY common practice when coding Java.That said,
Marco'scomment is totally correct. You are using the||operator where you should probably be using the&&operator. Same short-circuit rules apply.When object is not null, short-circuit evaluation occurs, and
object.someMethod()is never called.When object is null, this expression should throw a NullPointerException when
object.someMethod()is evaluated.This is not a particularly useful condition. Consider whether && was intended instead of ||.