SonarSource Rules

Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

ABAP static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your ABAP code

Security Hotspot7

Tags

Impact

Clean code attribute

"BREAK-POINT" statement should not be used in production

intentionality - clear

security

Vulnerability

Why is this an issue?

More Info

A BREAK-POINT statement is used when debugging an application with help of the ABAP Debugger. But such debugging statements could make an application vulnerable to attackers, and should not be left in the source code.

Noncompliant code example

IF wv_parallel EQ 'X'.
  BREAK-POINT.
  WAIT UNTIL g_nb_return EQ wv_nb_call.
ENDIF.

Compliant solution

IF wv_parallel EQ 'X'.
  WAIT UNTIL g_nb_return EQ wv_nb_call.
ENDIF.

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1