-
Home
- Project Documentation Project Reports 10
SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.8.4
Threshold is medium
Effort is default
Summary
| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 125 | 63 | 0 | 0 |
Files
org.sentrysoftware.jawk.Awk
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.sentrysoftware.jawk.Awk.invoke(AwkSettings): new java.io.PrintStream(OutputStream) | I18N | DM_DEFAULT_ENCODING | 151 | High |
org.sentrysoftware.jawk.Main
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class org.sentrysoftware.jawk.Main at new org.sentrysoftware.jawk.Main(String[], InputStream, PrintStream, PrintStream) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW | 67 | Medium |
| Format string should use %n rather than \n in org.sentrysoftware.jawk.Main.main(String[]) | BAD_PRACTICE | VA_FORMAT_STRING_USES_NEWLINE | 92 | Medium |
org.sentrysoftware.jawk.backend.AVM
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class org.sentrysoftware.jawk.backend.AVM at new org.sentrysoftware.jawk.backend.AVM(AwkSettings, Map) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW | 158 | Medium |
| Random object created and used only once in org.sentrysoftware.jawk.backend.AVM.interpret(AwkTuples) | BAD_PRACTICE | DMI_RANDOM_USED_ONLY_ONCE | 946 | High |
| Found reliance on default encoding in org.sentrysoftware.jawk.backend.AVM.interpret(AwkTuples): new java.io.PrintStream(OutputStream, boolean) | I18N | DM_DEFAULT_ENCODING | 334 | High |
| Found reliance on default encoding in org.sentrysoftware.jawk.backend.AVM.interpret(AwkTuples): new String(byte[]) | I18N | DM_DEFAULT_ENCODING | 1598 | High |
| new org.sentrysoftware.jawk.backend.AVM(AwkSettings, Map) may expose internal representation by storing an externally mutable object into AVM.extensions | MALICIOUS_CODE | EI_EXPOSE_REP2 | 168 | Medium |
| new org.sentrysoftware.jawk.backend.AVM(AwkSettings, Map) may expose internal representation by storing an externally mutable object into AVM.settings | MALICIOUS_CODE | EI_EXPOSE_REP2 | 160 | Medium |
| Test for floating point equality in org.sentrysoftware.jawk.backend.AVM.interpret(AwkTuples) | STYLE | FE_FLOATING_POINT_EQUALITY | 641 | High |
| org.sentrysoftware.jawk.backend.AVM.avmDump(AssocArray[]) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 2045 | Medium |
| org.sentrysoftware.jawk.backend.AVM.interpret(AwkTuples) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 1742 | Medium |
org.sentrysoftware.jawk.ext.AbstractExtension
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.sentrysoftware.jawk.ext.AbstractExtension.init(VariableManager, JRT, AwkSettings) may expose internal representation by storing an externally mutable object into AbstractExtension.jrt | MALICIOUS_CODE | EI_EXPOSE_REP2 | 49 | Medium |
| org.sentrysoftware.jawk.ext.AbstractExtension.init(VariableManager, JRT, AwkSettings) may expose internal representation by storing an externally mutable object into AbstractExtension.settings | MALICIOUS_CODE | EI_EXPOSE_REP2 | 50 | Medium |
| org.sentrysoftware.jawk.ext.AbstractExtension.init(VariableManager, JRT, AwkSettings) may expose internal representation by storing an externally mutable object into AbstractExtension.vm | MALICIOUS_CODE | EI_EXPOSE_REP2 | 48 | Medium |
org.sentrysoftware.jawk.ext.CoreExtension
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| instanceof will always return true for all non-null values in org.sentrysoftware.jawk.ext.CoreExtension.newReference(Object), since all org.sentrysoftware.jawk.jrt.AssocArray are instances of org.sentrysoftware.jawk.jrt.AssocArray | STYLE | BC_VACUOUS_INSTANCEOF | 422 | Medium |
| Check for oddness that won't work for negative numbers in org.sentrysoftware.jawk.ext.CoreExtension.getAssocArrayParameterPositions(String, int) | STYLE | IM_BAD_CHECK_FOR_ODD | 286 | Medium |
| org.sentrysoftware.jawk.ext.CoreExtension.inref(Object, VariableManager) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 539 | Medium |
org.sentrysoftware.jawk.ext.StdinExtension$1
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Wait not in loop in org.sentrysoftware.jawk.ext.StdinExtension$1.block() | MT_CORRECTNESS | WA_NOT_IN_LOOP | 122 | Medium |
org.sentrysoftware.jawk.ext.StdinExtension$2
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.sentrysoftware.jawk.ext.StdinExtension$2.run(): new java.io.InputStreamReader(InputStream) | I18N | DM_DEFAULT_ENCODING | 140 | High |
| org.sentrysoftware.jawk.ext.StdinExtension$2.run() invokes System.exit(...), which shuts down the entire virtual machine | BAD_PRACTICE | DM_EXIT | 159 | Medium |
| org.sentrysoftware.jawk.ext.StdinExtension$2.run() may fail to close stream | BAD_PRACTICE | OS_OPEN_STREAM | 139 | Medium |
org.sentrysoftware.jawk.frontend.AwkParser
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class org.sentrysoftware.jawk.frontend.AwkParser at new org.sentrysoftware.jawk.frontend.AwkParser(boolean, boolean, Map) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW | 289 | Medium |
| new org.sentrysoftware.jawk.frontend.AwkParser(boolean, boolean, Map) may expose internal representation by storing an externally mutable object into AwkParser.extensions | MALICIOUS_CODE | EI_EXPOSE_REP2 | 310 | Medium |
| org.sentrysoftware.jawk.frontend.AwkParser.parse(List) may expose internal representation by storing an externally mutable object into AwkParser.scriptSources | MALICIOUS_CODE | EI_EXPOSE_REP2 | 384 | Medium |
| Load of known null value in org.sentrysoftware.jawk.frontend.AwkParser.GETLINE_EXPRESSION(AwkParser$AST, boolean, boolean) | STYLE | NP_LOAD_OF_KNOWN_NULL_VALUE | 1952 | Medium |
| Redundant nullcheck of expr1, which is known to be non-null in org.sentrysoftware.jawk.frontend.AwkParser.FOR_STATEMENT() | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 1779 | Medium |
| Redundant nullcheck of rule_or_function, which is known to be non-null in org.sentrysoftware.jawk.frontend.AwkParser.RULE_LIST() | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 913 | Medium |
| Write to static field org.sentrysoftware.jawk.frontend.AwkParser.f_idx from instance method new org.sentrysoftware.jawk.frontend.AwkParser(boolean, boolean, Map) | STYLE | ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD | 293 | Medium |
| Write to static field org.sentrysoftware.jawk.frontend.AwkParser.s_idx from instance method new org.sentrysoftware.jawk.frontend.AwkParser(boolean, boolean, Map) | STYLE | ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD | 291 | Medium |
org.sentrysoftware.jawk.intermediate.AwkTuples
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.sentrysoftware.jawk.intermediate.AwkTuples.getFunctionNameSet() may expose internal representation by returning AwkTuples.function_names | MALICIOUS_CODE | EI_EXPOSE_REP | 3152 | Medium |
| org.sentrysoftware.jawk.intermediate.AwkTuples.getGlobalVariableAarrayMap() may expose internal representation by returning AwkTuples.global_var_aarray_map | MALICIOUS_CODE | EI_EXPOSE_REP | 3142 | Medium |
| org.sentrysoftware.jawk.intermediate.AwkTuples.getGlobalVariableOffsetMap() may expose internal representation by returning AwkTuples.global_var_offset_map | MALICIOUS_CODE | EI_EXPOSE_REP | 3133 | Medium |
org.sentrysoftware.jawk.intermediate.AwkTuples$VersionManager
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Overridable method append is called from readObject. | MALICIOUS_CODE | MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT | 3228 | Medium |
| Overridable method readInt is called from readObject. | MALICIOUS_CODE | MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT | 3226 | Medium |
| Overridable method toString is called from readObject. | MALICIOUS_CODE | MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT | 3228 | Medium |
org.sentrysoftware.jawk.jrt.AssocArray
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.sentrysoftware.jawk.jrt.AssocArray.mapString() makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 128 | Medium |
org.sentrysoftware.jawk.jrt.BlockManager
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Wait not in loop in org.sentrysoftware.jawk.jrt.BlockManager.block(BlockObject) | MT_CORRECTNESS | WA_NOT_IN_LOOP | 102 | Medium |
org.sentrysoftware.jawk.jrt.BlockManager$BlockThread
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.sentrysoftware.jawk.jrt.BlockManager$BlockThread.run() invokes System.exit(...), which shuts down the entire virtual machine | BAD_PRACTICE | DM_EXIT | 144 | Medium |
org.sentrysoftware.jawk.jrt.BlockObject
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.sentrysoftware.jawk.jrt.BlockObject.setNextBlockObject(BlockObject) may expose internal representation by storing an externally mutable object into BlockObject.nextBlockObject | MALICIOUS_CODE | EI_EXPOSE_REP2 | 98 | Medium |
org.sentrysoftware.jawk.jrt.DataPump
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.sentrysoftware.jawk.jrt.DataPump.run() might ignore java.io.IOException | BAD_PRACTICE | DE_MIGHT_IGNORE | 89 | Medium |
| new org.sentrysoftware.jawk.jrt.DataPump(InputStream, PrintStream) may expose internal representation by storing an externally mutable object into DataPump.os | MALICIOUS_CODE | EI_EXPOSE_REP2 | 53 | Medium |
org.sentrysoftware.jawk.jrt.JRT
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.sentrysoftware.jawk.jrt.JRT.jrtConsumeCommandInput(String): new java.io.InputStreamReader(InputStream) | I18N | DM_DEFAULT_ENCODING | 1010 | High |
| Found reliance on default encoding in org.sentrysoftware.jawk.jrt.JRT.jrtConsumeFileInput(String): new java.io.FileReader(String) | I18N | DM_DEFAULT_ENCODING | 958 | High |
| Found reliance on default encoding in org.sentrysoftware.jawk.jrt.JRT.jrtConsumeInput(InputStream, boolean, Locale): new java.io.FileReader(String) | I18N | DM_DEFAULT_ENCODING | 648 | High |
| Found reliance on default encoding in org.sentrysoftware.jawk.jrt.JRT.jrtConsumeInput(InputStream, boolean, Locale): new java.io.InputStreamReader(InputStream) | I18N | DM_DEFAULT_ENCODING | 655 | High |
| Found reliance on default encoding in org.sentrysoftware.jawk.jrt.JRT.jrtGetPrintStream(String, boolean): new java.io.PrintStream(OutputStream, boolean) | I18N | DM_DEFAULT_ENCODING | 938 | High |
| Found reliance on default encoding in org.sentrysoftware.jawk.jrt.JRT.jrtSpawnForOutput(String): new java.io.PrintStream(OutputStream, boolean) | I18N | DM_DEFAULT_ENCODING | 1055 | High |
| org.sentrysoftware.jawk.jrt.JRT.getOutputFiles() may expose internal representation by returning JRT.outputFiles | MALICIOUS_CODE | EI_EXPOSE_REP | 923 | Medium |
| org.sentrysoftware.jawk.jrt.JRT.getPartitioningReader() may expose internal representation by returning JRT.partitioningReader | MALICIOUS_CODE | EI_EXPOSE_REP | 566 | Medium |
| new org.sentrysoftware.jawk.jrt.JRT(VariableManager) may expose internal representation by storing an externally mutable object into JRT.vm | MALICIOUS_CODE | EI_EXPOSE_REP2 | 130 | Medium |
| Test for floating point equality in org.sentrysoftware.jawk.jrt.JRT.dec(Object) | STYLE | FE_FLOATING_POINT_EQUALITY | 461 | High |
| Test for floating point equality in org.sentrysoftware.jawk.jrt.JRT.inc(Object) | STYLE | FE_FLOATING_POINT_EQUALITY | 429 | High |
org.sentrysoftware.jawk.util.AwkSettings
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.sentrysoftware.jawk.util.AwkSettings.getNameValueOrFileNames() may expose internal representation by returning AwkSettings.nameValueOrFileNames | MALICIOUS_CODE | EI_EXPOSE_REP | 350 | Medium |
| org.sentrysoftware.jawk.util.AwkSettings.getOutputStream() may expose internal representation by returning AwkSettings.outputStream | MALICIOUS_CODE | EI_EXPOSE_REP | 567 | Medium |
| org.sentrysoftware.jawk.util.AwkSettings.getScriptSources() may expose internal representation by returning AwkSettings.scriptSources | MALICIOUS_CODE | EI_EXPOSE_REP | 286 | Medium |
| org.sentrysoftware.jawk.util.AwkSettings.getVariables() may expose internal representation by returning AwkSettings.variables | MALICIOUS_CODE | EI_EXPOSE_REP | 327 | Medium |
| org.sentrysoftware.jawk.util.AwkSettings.setNameValueOrFileNames(List) may expose internal representation by storing an externally mutable object into AwkSettings.nameValueOrFileNames | MALICIOUS_CODE | EI_EXPOSE_REP2 | 361 | Medium |
| org.sentrysoftware.jawk.util.AwkSettings.setOutputStream(PrintStream) may expose internal representation by storing an externally mutable object into AwkSettings.outputStream | MALICIOUS_CODE | EI_EXPOSE_REP2 | 576 | Medium |
| org.sentrysoftware.jawk.util.AwkSettings.setScriptSources(List) may expose internal representation by storing an externally mutable object into AwkSettings.scriptSources | MALICIOUS_CODE | EI_EXPOSE_REP2 | 374 | Medium |
| org.sentrysoftware.jawk.util.AwkSettings.setVariables(Map) may expose internal representation by storing an externally mutable object into AwkSettings.variables | MALICIOUS_CODE | EI_EXPOSE_REP2 | 339 | Medium |
org.sentrysoftware.jawk.util.DestDirClassLoader
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.sentrysoftware.jawk.util.DestDirClassLoader.loadClassData(String) may fail to clean up java.io.InputStream on checked exception | EXPERIMENTAL | OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE | 71 | Medium |
org.sentrysoftware.jawk.util.ScriptFileSource
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.sentrysoftware.jawk.util.ScriptFileSource.getReader(): new java.io.FileReader(String) | I18N | DM_DEFAULT_ENCODING | 73 | High |
Search Results for {{siteSearch | truncate:'50'}}
{{resultArray.length}}
No results.