Java安全-代码审计

发表于 2023-09-01 更新于 2023-09-19 分类于代码审计阅读次数：

前言

java学完忘完了,从头捡起来…顺便记录一下

仅记录自己学习中觉得值得记录的地方,并不完全,也不适合所有人

环境

java:jdk17lts

编辑器:idea

视频教程:https://www.bilibili.com/video/BV1Cv411372m/?p=19&spm_id_from=pageDriver&vd_source=6bf1c94d1bbfd3bb26bf7332b2f748c5

基础语法

变量

package com.chenci.hello;

public class Main {
    public static void main(String[] args) {
        System.out.println("Hello world!");
        System.out.println("中国");
        System.out.println("中国"+"hello world"); //字符串
        int a = 123;
        System.out.println(a);
        double b = 123.123;
        System.out.println(b);
        double c = a+b;
        System.out.println(c);  //变量赋值,相加
    }
}

package com.chenci.variable;

public class Demo2 {
    public static void main(String[] args) {
        int a = 1;
        System.out.println(a);  //变量需先声明再使用


        {
            int b = 1;
            System.out.println(b); //变量的有效范围是当前{}
        }
        

        int c;
        System.out.println(c); //变量使用需要有值

    }
}

关键字

标识符

八/十六进制

基本数据类型

package com.chenci.variable;

public class Demo2 {
    public static void main(String[] args) {
        byte a = 127;
        //byte a = 128; // 越界

        short b = 32712;
        //short b = 32799; //越界

        int c = 1; //默认整数

        long lg = 11111L; //整数默认int类型,需要长整型需要加L或者l

        float f = 2222F; //整数默认int类型,需要长整型需要加F或者f

        double d = 1.2;

        char ch = 'a'; //只能有一个字符
        
        // 引用数据类型,字符串类型
        String ch2 = "aaa"; //多个字符


    }
}

自动类型转换

package com.chenci.variable;

public class Demo2 {
    public static void main(String[] args) {
        byte a = 10;
        int b = a;
        System.out.println(b);
    }
}

表达式自动类型转换

package com.chenci.variable;

public class Demo2 {
    public static void main(String[] args) {
        byte a = 10;
        int b = 20;
        long c = 30;
        long rs = a+b+c; //表达式最终类型由最高类型决定
    }
}

强制类型转换

package com.chenci.variable;

public class Demo2 {
    public static void main(String[] args) {
        int a = 20;
        byte b = (byte) a; //快捷键 alt+回车
        System.out.println(a);
        System.out.println(b); //20
    }
}

算术运算符

package com.chenci.variable;

public class Demo2 {
    public static void main(String[] args) {
        int a = 20;
        int b = 30;
        System.out.println(b/a); //1,整数相除取整
        System.out.println(1.0*b/a); //1.5,取最高类型
      	System.out.println("中"+"国"); //中国,字符拼接
    }
}

自增自减运算符

package com.chenci.variable;

public class Demo2 {
    public static void main(String[] args) {
        int a = 20;
        int res1 = a++; //先复制再加
        System.out.println(res1);

        int c = 20;
        int res2 = ++c; //先加在赋值
        System.out.println(res2);
    }
}

赋值运算符

package com.chenci.variable;

public class Demo2 {
    public static void main(String[] args) {
        int a = 20;
        double b = 1.1;
        a+=b;
        System.out.println(a); //21
    }

}

package com.chenci.variable;

public class Demo2 {
    public static void main(String[] args) {
        double a = 20;
        double b = 1.1;
        a = a+b;
        System.out.println(a); //21.1
    }

}

关系运算符

逻辑运算符

![image-20230912145935451](/Users/chenci/Library/Application Support/typora-user-images/image-20230912145935451.png)

package com.chenci.variable;

public class Demo2 {
    public static void main(String[] args) {
        int a = 1;
        int b = 2;
        System.out.println(a>100 && ++b>99);//左边为false右边不执行
        System.out.println(b); //2
    }

}

三元运算符

public static void main(String[] args) {
    double score = 99.5;
    String res = score >= 60 ?"及格":"不及格";
    System.out.println(res);    //及格
}

运算符优先级

键盘输入

public static void main(String[] args) {
    Scanner sc = new Scanner(System.in);
    System.out.println("输入一个整数:");
    int age = sc.nextInt();
    System.out.println(age);
}

分支结构

if结构

public class IfDemo1 {
    public static void main(String[] args) {
        Scanner sc = new Scanner(System.in);
        System.out.println("输入体温:");
        int t = sc.nextInt();
        if (t > 37.8){
            System.out.println("体温异常:");
        }else{
            System.out.println("正常");
        }
    }
}

else if结构

public class IfDemo1 {
    public static void main(String[] args) {
        Scanner sc = new Scanner(System.in);
        System.out.println("输入分数:");
        int score = sc.nextInt();
        if (score >= 0 && score <= 60) {
            System.out.println("D");
        } else if (score > 60 && score <= 80) {
            System.out.println("C");
        } else if (score > 80 && score <= 90) {
            System.out.println("B");
        } else if (score > 90 && score <= 100) {
            System.out.println("A");
        } else {
            System.out.println("输入有误");
        }
    }
}

switch

public static void main(String[] args) {
    Scanner sc = new Scanner(System.in);
    System.out.println("输入日期:");
    String week = sc.next();
    
    switch (week){
        case "周一":
            System.out.println("今天周一");
            break;
        case "周二":
            System.out.println("今天周二");
            break;
        case "周三":
            System.out.println("今天周三");
            break;
        case "周四":
            System.out.println("今天周四");
            break;
        case "周五":
            System.out.println("今天周五");
            break;
        default:
            System.out.println("输入错误");
    }
    }

或者

public static void main(String[] args) {
    Scanner sc = new Scanner(System.in);
    System.out.println("输入日期:");
    String week = sc.next();
    switch (week) {
        case "周一" -> System.out.println("今天周一");
        case "周二" -> System.out.println("今天周二");
        case "周三" -> System.out.println("今天周三");
        case "周四" -> System.out.println("今天周四");
        case "周五" -> System.out.println("今天周五");
        default -> System.out.println("输入错误");
    }
    }

for循环

public static void main(String[] args) {
    for (int i = 0; i < 5; i++) {
        System.out.println("hello world");
    }
}

while循环

public static void main(String[] args) {
    int i = 1;
    while (i < 10) {
        i+=1;
        System.out.println("hello world");
    }
}

do while循环

public static void main(String[] args) {
    int i = 0;
    do {
        System.out.println("hello world");
        i++;
    }while (i<3);   //先执行,后判断
}

跳转关键字

随机数

public static void main(String[] args) {
    Random r = new Random();
    for (int i = 0; i < 10; i++) {
        int date = r.nextInt(10);
        System.out.println(date);
    }
}

猜数字

public static void main(String[] args) {
    Scanner sc = new Scanner(System.in);
    Random r = new Random();
    while (true) {
        int date = r.nextInt(1,11);
        System.out.println("猜一个数字0-10:");
        int input = sc.nextInt();
        if (input == date) {
            System.out.println("猜对了");
            break;
        }else {
            System.out.println("猜错了,数字是:"+date);
        }
    }
}

数组

静态数组定义和访问

public static void main(String[] args) {
    int[] age = {1, 2, 2, 4, 5, 6};
    
    for (int i = 0; i < age.length; i++) {
        System.out.println(age[i]);
    }

}

简写

public static void main(String[] args) {
    int[] age = {1, 2, 2, 4, 5, 6};
    for (int j : age) {
        System.out.println(j);
    }
}

动态数组

public static void main(String[] args) {
    int[] age =new int [3];
    System.out.println(age[1]); //0
    age[0] = 2;
    System.out.println(age[0]); //2
}

数组最大值

public static void main(String[] args) {
        //定义数组
        int[] faceScores = {15,2000,10000,20000,9500,-5};
        //定义一个变量用于记录最终最大值
        int max = faceScores[0];
        //从数组第二个开始遍历
        for (int i = 1; i < faceScores.length; i++) {
            if (faceScores[i]>max){
                max = faceScores[i];
            }
        }
        System.out.println(max);
    }

数组反转

public static void main(String[] args) {
    //1. 定义一个数组
    int[] arr = {1, 2, 3, 4, 5};
    //2. 定义个循环,设计两个变量,一个在前一个在后
    for (int i = 0, j = arr.length - 1; i < j; i++, j--) {
        int temp = arr[j];
        arr[j] = arr[i];
        arr[i] =temp;
    }
    for (int a = 0; a < arr.length; a++) {
        System.out.print(arr[a]);
    }
}

数组随机

public class ArrayRand {
    public static void main(String[] args) {
        // 定义动态数组
        int[] codes = new int[5];
        // 输入工号
        Scanner sc = new Scanner(System.in);
        // 将输入的工号加入数组
        for (int i = 0; i < codes.length ; i++) {
            System.out.println("输入工号:");
            codes[i] = sc.nextInt();
        }
        // 生成随机数
        Random ran = new Random();
        for (int j = 0; j < codes.length; j++) {
            int index = ran.nextInt(codes.length);
            int temp = codes[index];
            codes[index] = codes[j];
            codes[j] = temp;
        }

        for (int i = 0; i < codes.length; i++) {
            System.out.println("随机排序:" + codes[i]);
        }
    }
}

方法

自定义方法

public class Demo1 {
    public static void main(String[] args) {
        int res = sum(10,20);
        System.out.println(res);
    }

    // 自定义方法
    public static int sum(int a, int b) {
        return a + b;
    }
}

求和自定义方法

public class Demo2 {
    public static void main(String[] args) {
        int res = sum(5);
        System.out.println(res);
    }

    public static int sum(int n ){
       int sum = 0;
        for (int i = 0; i <= n; i++) {
            sum+=i;
        }
        return sum;
    }
}

参数传递机制

基本类型参数传递

public static void main(String[] args) {
    int a = 10;
    change(a);
    System.out.println(a); //10
}
public static void change(int a){
    System.out.println(a); //10
    a = 20;
    System.out.println(a); //20
}

引用类型参数传递

public class Demo3 {
    public static void main(String[] args) {
        int[] arrs = {10,20,30};
        change(arrs);
        System.out.println("main:" + arrs[1]); //222
    }

    public static void change(int[] arrs){
        System.out.println("方法内1:"+arrs[1]); //20
        arrs[1] = 222;
        System.out.println("方法内2:"+arrs[1]); //222
    }
}

判断两个数组是否相等

public class Demo4 {
    public static void main(String[] args) {
        int[] arr1 = {};
        int[] arr2 = {};
        boolean res = equals(arr1,arr2);
        System.out.println(res);
    }

    public static boolean equals(int[] arr1 ,int[] arr2){
        //1.判断两个数组是否为空
        if (arr1 == null && arr2==null){
            return true;
        }
        //2.其中一个是null
        if (arr1 == null || arr2==null){
            return false;
        }
        //3.判断长度是否一样
        if (arr1.length != arr2.length){
            return false;
        }
        //4.判断每个元素是否相等
        for (int i = 0; i < arr1.length; i++) {
            if (arr1[i] != arr2[i]){
                return false;
            }
        }
        return true; //相等
    }
}

方法重载

public class Demo5 {
    public static void main(String[] args) {
        int a = 10;
        test1(a); //10
    }
    public static void test1(int a){
        System.out.println(a);
    }

    public static void test1(int a,int b ){
        System.out.println(a);
        System.out.println(20);
    }
}