Hi,
I have written a socket program which reads an HTTP POST message. My program works fine, but I get code quality issues: I get 8 defects in one line of code, and I am not able to fix them. Below is my code.
    try (Socket httpSocket = server.accept();
         BufferedReader reader = new BufferedReader(new InputStreamReader(httpSocket.getInputStream(), "UTF8"), 2048);
         BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(httpSocket.getOutputStream(), "UTF8"), 2048);
    ) {
        httpSocket.setSoTimeout(600);
        reader.ready();
        line = reader.readLine(); // get null pointer and denial of service
        isPost = line.startsWith("post");
        int contentLength = 0;
        while (!(line = reader.readLine()).equals("")) {
            if (isPost) {
                final String contentHeader = "Content-Length: ";
                if (line.startsWith(contentHeader)) {
                    contentLength = Integer.parseInt(line.substring(contentHeader.length()));
                }
            }
        }
    }

I get the following observations in Fortify:
1) Denial of service at (line = reader.readLine(); ) and line = reader.readLine()).equals("")
2) Missing Check against Null at (line = reader.readLine(); ) and line = reader.readLine()).equals("")
Sonar Violation
1) Remove this use of constructor "InputStreamReader(InputStream)"
2) Remove this use of constructor "OutputStreamWriter(OutputStream)"
Regards
Sandeep Shukla
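
An added example, not part of the original post: one way to address the two Fortify findings is to read each line through a length cap, treat a `null` (end of stream) explicitly before using the line, and pass a `Charset` object to the reader constructor. The class name, the three limits and the sample request are assumptions constructed for illustration; on a real socket the read timeout from the post is still needed.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;

public class BoundedHeaderReader {              // hypothetical class name
    static final int MAX_LINE = 8192;           // assumed cap on one header line
    static final int MAX_HEADERS = 100;         // assumed cap on header count
    static final int MAX_BODY = 1 << 20;        // assumed cap on Content-Length
    static final String CL = "Content-Length:";

    // Reads one LF-terminated line (CR dropped). Returns null at end of stream, throws past MAX_LINE.
    static String readBoundedLine(Reader in) throws IOException {
        StringBuilder sb = new StringBuilder();
        int c;
        while ((c = in.read()) != -1) {
            if (c == '\n') return sb.toString();
            if (c != '\r') sb.append((char) c);
            if (sb.length() > MAX_LINE) throw new IOException("line too long");
        }
        return sb.length() == 0 ? null : sb.toString();
    }

    // Returns the validated Content-Length of a POST request, or 0 if none applies.
    static int parseContentLength(Reader in) throws IOException {
        String line = readBoundedLine(in);
        if (line == null) throw new EOFException("no request line");   // null check before use
        boolean isPost = line.startsWith("POST ");
        int contentLength = 0;
        for (int n = 0; ; n++) {
            line = readBoundedLine(in);
            if (line == null) throw new EOFException("headers truncated");
            if (line.isEmpty()) return contentLength;                   // blank line ends the headers
            if (n >= MAX_HEADERS) throw new IOException("too many headers");
            if (isPost && line.regionMatches(true, 0, CL, 0, CL.length())) {
                try {
                    contentLength = Integer.parseInt(line.substring(CL.length()).trim());
                } catch (NumberFormatException e) {
                    throw new IOException("bad Content-Length", e);
                }
                if (contentLength < 0 || contentLength > MAX_BODY) throw new IOException("Content-Length out of range");
            }
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample request standing in for httpSocket.getInputStream()
        String raw = "POST /submit HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello";
        Reader in = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(raw.getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8), 2048);
        System.out.println("Content-Length = " + parseContentLength(in));
    }
}
```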