Call to 'System.loadLibrary()' with non-constant string
Reports calls to java.lang.System.loadLibrary(), java.lang.System.load(), java.lang.Runtime.loadLibrary() and java.lang.Runtime.load() which take a dynamically-constructed string as the name of the library.
Constructed library name strings are a common source of security breaches. By default, this inspection ignores compile-time constants.
Example:
Locating this inspection
- By ID
Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.
LoadLibraryWithNonConstantString- Via Settings dialog
Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.
Use the inspection settings to consider any static final fields as constant. Be careful, because strings like the following will be ignored when the option is enabled:
Inspection options
Here you can find the description of settings available for the Call to 'System.loadLibrary()' with non-constant string inspection, and the reference of their default values.
- Consider 'static final' fields constant
Default value:
Not selected
Suppressing Inspection
You can suppress this inspection by placing the following comment marker before the code fragment where you no longer want messages from this inspection to appear:
More detailed instructions as well as other ways and options that you have can be found in the product documentation:
Inspection Details | |
|---|---|
By default bundled with: |