SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.8.6

Threshold is

Effort is default

Summary

Classes	Bugs	Errors	Missing Classes
163	61	0	0

Files

Class	Bugs
org.apache.commons.beanutils2.BaseDynaBeanMapDecorator	1
org.apache.commons.beanutils2.BasicDynaBean	1
org.apache.commons.beanutils2.BasicDynaClass	3
org.apache.commons.beanutils2.BeanMap	1
org.apache.commons.beanutils2.BeanMap$Entry	2
org.apache.commons.beanutils2.BeanPredicate	1
org.apache.commons.beanutils2.BeanPropertyValueChangeConsumer	2
org.apache.commons.beanutils2.BeanPropertyValueEqualsPredicate	2
org.apache.commons.beanutils2.BeanToPropertyValueTransformer	2
org.apache.commons.beanutils2.BeanUtilsBean	2
org.apache.commons.beanutils2.ContextClassLoaderLocal	2
org.apache.commons.beanutils2.ConvertUtilsBean	2
org.apache.commons.beanutils2.DefaultBeanIntrospector	1
org.apache.commons.beanutils2.FluentPropertyBeanIntrospector	2
org.apache.commons.beanutils2.LazyDynaBean	3
org.apache.commons.beanutils2.LazyDynaList	5
org.apache.commons.beanutils2.LazyDynaMap	6
org.apache.commons.beanutils2.MappedPropertyDescriptor	4
org.apache.commons.beanutils2.PropertyUtilsBean	3
org.apache.commons.beanutils2.WrapDynaBean	1
org.apache.commons.beanutils2.converters.AbstractConverter	1
org.apache.commons.beanutils2.converters.ArrayConverter	2
org.apache.commons.beanutils2.converters.DateTimeConverter	2
org.apache.commons.beanutils2.locale.LocaleBeanUtilsBean	3
org.apache.commons.beanutils2.sql.ResultSetDynaClass	2
org.apache.commons.beanutils2.sql.ResultSetIterator	1
org.apache.commons.beanutils2.sql.RowSetDynaClass	4

org.apache.commons.beanutils2.BaseDynaBeanMapDecorator

Bug	Category	Details	Line	Priority
org.apache.commons.beanutils2.BaseDynaBeanMapDecorator.getDynaBean() may expose internal representation by returning BaseDynaBeanMapDecorator.dynaBean	MALICIOUS_CODE	EI_EXPOSE_REP	219	Medium

org.apache.commons.beanutils2.BasicDynaBean

Bug	Category	Details	Line	Priority
org.apache.commons.beanutils2.BasicDynaBean.getMap() may expose internal representation by returning BasicDynaBean.mapDecorator	MALICIOUS_CODE	EI_EXPOSE_REP	232	Medium

org.apache.commons.beanutils2.BasicDynaClass

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.BasicDynaClass at new org.apache.commons.beanutils2.BasicDynaClass() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	78	Medium
Exception thrown in class org.apache.commons.beanutils2.BasicDynaClass at new org.apache.commons.beanutils2.BasicDynaClass(String, Class) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	88	Medium
Exception thrown in class org.apache.commons.beanutils2.BasicDynaClass at new org.apache.commons.beanutils2.BasicDynaClass(String, Class, DynaProperty[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	105	Medium

org.apache.commons.beanutils2.BeanMap

Bug	Category	Details	Line	Priority
Do not catch NullPointerException like in org.apache.commons.beanutils2.BeanMap.get(Object)	STYLE	DCN_NULLPOINTER_EXCEPTION	387	Medium

org.apache.commons.beanutils2.BeanMap$Entry

Bug	Category	Details	Line	Priority
org.apache.commons.beanutils2.BeanMap$Entry doesn't override java.util.AbstractMap$SimpleEntry.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium
Class org.apache.commons.beanutils2.BeanMap$Entry defines non-transient non-serializable instance field owner	BAD_PRACTICE	SE_BAD_FIELD	Not available	Medium

org.apache.commons.beanutils2.BeanPredicate

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.BeanPredicate at new org.apache.commons.beanutils2.BeanPredicate(String, Predicate) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	35	Medium

org.apache.commons.beanutils2.BeanPropertyValueChangeConsumer

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.BeanPropertyValueChangeConsumer at new org.apache.commons.beanutils2.BeanPropertyValueChangeConsumer(String, Object) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	105	Medium
Exception thrown in class org.apache.commons.beanutils2.BeanPropertyValueChangeConsumer at new org.apache.commons.beanutils2.BeanPropertyValueChangeConsumer(String, Object, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	73	Medium

org.apache.commons.beanutils2.BeanPropertyValueEqualsPredicate

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.BeanPropertyValueEqualsPredicate at new org.apache.commons.beanutils2.BeanPropertyValueEqualsPredicate(String, Object) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	139	Medium
Exception thrown in class org.apache.commons.beanutils2.BeanPropertyValueEqualsPredicate at new org.apache.commons.beanutils2.BeanPropertyValueEqualsPredicate(String, Object, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	103	Medium

org.apache.commons.beanutils2.BeanToPropertyValueTransformer

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.BeanToPropertyValueTransformer at new org.apache.commons.beanutils2.BeanToPropertyValueTransformer(String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	96	Medium
Exception thrown in class org.apache.commons.beanutils2.BeanToPropertyValueTransformer at new org.apache.commons.beanutils2.BeanToPropertyValueTransformer(String, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	67	Medium

org.apache.commons.beanutils2.BeanUtilsBean

Bug	Category	Details	Line	Priority
org.apache.commons.beanutils2.BeanUtilsBean.getPropertyUtils() may expose internal representation by returning BeanUtilsBean.propertyUtilsBean	MALICIOUS_CODE	EI_EXPOSE_REP	660	Medium
new org.apache.commons.beanutils2.BeanUtilsBean(ConvertUtilsBean, PropertyUtilsBean) may expose internal representation by storing an externally mutable object into BeanUtilsBean.propertyUtilsBean	MALICIOUS_CODE	EI_EXPOSE_REP2	167	Medium

org.apache.commons.beanutils2.ContextClassLoaderLocal

Bug	Category	Details	Line	Priority
Return value of java.util.Map.isEmpty() ignored, but method has no side effect	STYLE	RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT	119	Medium
Return value of java.util.Map.isEmpty() ignored, but method has no side effect	STYLE	RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT	167	Medium

org.apache.commons.beanutils2.ConvertUtilsBean

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.ConvertUtilsBean at new org.apache.commons.beanutils2.ConvertUtilsBean() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	223	Medium
Private method org.apache.commons.beanutils2.ConvertUtilsBean.convert(String[], Class, Converter) is never called	PERFORMANCE	UPM_UNCALLED_PRIVATE_METHOD	316-323	Medium

org.apache.commons.beanutils2.DefaultBeanIntrospector

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.DefaultBeanIntrospector at new org.apache.commons.beanutils2.DefaultBeanIntrospector() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	54	Medium

org.apache.commons.beanutils2.FluentPropertyBeanIntrospector

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.FluentPropertyBeanIntrospector at new org.apache.commons.beanutils2.FluentPropertyBeanIntrospector() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	86	Medium
Exception thrown in class org.apache.commons.beanutils2.FluentPropertyBeanIntrospector at new org.apache.commons.beanutils2.FluentPropertyBeanIntrospector(String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	76	Medium

org.apache.commons.beanutils2.LazyDynaBean

Bug	Category	Details	Line	Priority
org.apache.commons.beanutils2.LazyDynaBean.getDynaClass() may expose internal representation by returning LazyDynaBean.dynaClass	MALICIOUS_CODE	EI_EXPOSE_REP	568	Medium
org.apache.commons.beanutils2.LazyDynaBean.getMap() may expose internal representation by returning LazyDynaBean.mapDecorator	MALICIOUS_CODE	EI_EXPOSE_REP	587	Medium
new org.apache.commons.beanutils2.LazyDynaBean(DynaClass) may expose internal representation by storing an externally mutable object into LazyDynaBean.dynaClass	MALICIOUS_CODE	EI_EXPOSE_REP2	185	Medium

org.apache.commons.beanutils2.LazyDynaList

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.LazyDynaList at new org.apache.commons.beanutils2.LazyDynaList(Class) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	198	Medium
Exception thrown in class org.apache.commons.beanutils2.LazyDynaList at new org.apache.commons.beanutils2.LazyDynaList(DynaClass) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	217	Medium
org.apache.commons.beanutils2.LazyDynaList doesn't override java.util.ArrayList.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium
Public method org.apache.commons.beanutils2.LazyDynaList.setElementType(Class) uses reflection to create a class it gets in its parameter which could increase the accessibility of any class	MALICIOUS_CODE	REFLC_REFLECTION_MAY_INCREASE_ACCESSIBILITY_OF_CLASS	471	Medium
Class org.apache.commons.beanutils2.LazyDynaList defines non-transient non-serializable instance field elementDynaClass	BAD_PRACTICE	SE_BAD_FIELD	Not available	Medium

org.apache.commons.beanutils2.LazyDynaMap

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.LazyDynaMap at new org.apache.commons.beanutils2.LazyDynaMap(String, DynaProperty[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	125	Medium
Exception thrown in class org.apache.commons.beanutils2.LazyDynaMap at new org.apache.commons.beanutils2.LazyDynaMap(DynaClass) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	85	Medium
Exception thrown in class org.apache.commons.beanutils2.LazyDynaMap at new org.apache.commons.beanutils2.LazyDynaMap(DynaProperty[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	94	Medium
org.apache.commons.beanutils2.LazyDynaMap.getMap() may expose internal representation by returning LazyDynaBean.values	MALICIOUS_CODE	EI_EXPOSE_REP	279	Medium
new org.apache.commons.beanutils2.LazyDynaMap(String, Map) may expose internal representation by storing an externally mutable object into LazyDynaMap.dynaClass	MALICIOUS_CODE	EI_EXPOSE_REP2	139	Medium
org.apache.commons.beanutils2.LazyDynaMap.setMap(Map) may expose internal representation by storing an externally mutable object into LazyDynaMap.values	MALICIOUS_CODE	EI_EXPOSE_REP2	402	Medium

org.apache.commons.beanutils2.MappedPropertyDescriptor

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.MappedPropertyDescriptor at new org.apache.commons.beanutils2.MappedPropertyDescriptor(String, Class) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	277	Medium
Exception thrown in class org.apache.commons.beanutils2.MappedPropertyDescriptor at new org.apache.commons.beanutils2.MappedPropertyDescriptor(String, Class, String, String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	328	Medium
Exception thrown in class org.apache.commons.beanutils2.MappedPropertyDescriptor at new org.apache.commons.beanutils2.MappedPropertyDescriptor(String, Method, Method) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	361	Medium
org.apache.commons.beanutils2.MappedPropertyDescriptor doesn't override java.beans.PropertyDescriptor.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.apache.commons.beanutils2.PropertyUtilsBean

Bug	Category	Details	Line	Priority
Do not catch NullPointerException like in org.apache.commons.beanutils2.PropertyUtilsBean.invokeMethod(Method, Object, Object[])	STYLE	DCN_NULLPOINTER_EXCEPTION	1024	Medium
org.apache.commons.beanutils2.PropertyUtilsBean.getResolver() may expose internal representation by returning PropertyUtilsBean.resolver	MALICIOUS_CODE	EI_EXPOSE_REP	918	Medium
org.apache.commons.beanutils2.PropertyUtilsBean.setResolver(Resolver) may expose internal representation by storing an externally mutable object into PropertyUtilsBean.resolver	MALICIOUS_CODE	EI_EXPOSE_REP2	1560	Medium

org.apache.commons.beanutils2.WrapDynaBean

Bug	Category	Details	Line	Priority
Do not catch NullPointerException like in org.apache.commons.beanutils2.WrapDynaBean.get(String)	STYLE	DCN_NULLPOINTER_EXCEPTION	110	Medium

org.apache.commons.beanutils2.converters.AbstractConverter

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.converters.AbstractConverter at new org.apache.commons.beanutils2.converters.AbstractConverter(Object) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	119	Medium

org.apache.commons.beanutils2.converters.ArrayConverter

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.converters.ArrayConverter at new org.apache.commons.beanutils2.converters.ArrayConverter(Class, Converter) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	125	Medium
Exception thrown in class org.apache.commons.beanutils2.converters.ArrayConverter at new org.apache.commons.beanutils2.converters.ArrayConverter(Class, Converter, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	140	Medium

org.apache.commons.beanutils2.converters.DateTimeConverter

Bug	Category	Details	Line	Priority
org.apache.commons.beanutils2.converters.DateTimeConverter.getTimeZone() may expose internal representation by returning DateTimeConverter.timeZone	MALICIOUS_CODE	EI_EXPOSE_REP	334	Medium
org.apache.commons.beanutils2.converters.DateTimeConverter.setTimeZone(TimeZone) may expose internal representation by storing an externally mutable object into DateTimeConverter.timeZone	MALICIOUS_CODE	EI_EXPOSE_REP2	480	Medium

org.apache.commons.beanutils2.locale.LocaleBeanUtilsBean

Bug	Category	Details	Line	Priority
org.apache.commons.beanutils2.locale.LocaleBeanUtilsBean.getLocaleConvertUtils() may expose internal representation by returning LocaleBeanUtilsBean.localeConvertUtils	MALICIOUS_CODE	EI_EXPOSE_REP	331	Medium
new org.apache.commons.beanutils2.locale.LocaleBeanUtilsBean(LocaleConvertUtilsBean) may expose internal representation by storing an externally mutable object into LocaleBeanUtilsBean.localeConvertUtils	MALICIOUS_CODE	EI_EXPOSE_REP2	94	Medium
new org.apache.commons.beanutils2.locale.LocaleBeanUtilsBean(LocaleConvertUtilsBean, ConvertUtilsBean, PropertyUtilsBean) may expose internal representation by storing an externally mutable object into LocaleBeanUtilsBean.localeConvertUtils	MALICIOUS_CODE	EI_EXPOSE_REP2	107	Medium

org.apache.commons.beanutils2.sql.ResultSetDynaClass

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.sql.ResultSetDynaClass at new org.apache.commons.beanutils2.sql.ResultSetDynaClass(ResultSet, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	123	Medium
Exception thrown in class org.apache.commons.beanutils2.sql.ResultSetDynaClass at new org.apache.commons.beanutils2.sql.ResultSetDynaClass(ResultSet, boolean, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	149	Medium

org.apache.commons.beanutils2.sql.ResultSetIterator

Bug	Category	Details	Line	Priority
org.apache.commons.beanutils2.sql.ResultSetIterator.getDynaClass() may expose internal representation by returning ResultSetIterator.dynaClass	MALICIOUS_CODE	EI_EXPOSE_REP	157	Medium

org.apache.commons.beanutils2.sql.RowSetDynaClass

Bug	Category	Details	Line	Priority
Exception thrown in class org.apache.commons.beanutils2.sql.RowSetDynaClass at new org.apache.commons.beanutils2.sql.RowSetDynaClass(ResultSet, boolean, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	156	Medium
Exception thrown in class org.apache.commons.beanutils2.sql.RowSetDynaClass at new org.apache.commons.beanutils2.sql.RowSetDynaClass(ResultSet, boolean, int, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	185	Medium
Exception thrown in class org.apache.commons.beanutils2.sql.RowSetDynaClass at new org.apache.commons.beanutils2.sql.RowSetDynaClass(ResultSet, boolean, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	134	Medium
org.apache.commons.beanutils2.sql.RowSetDynaClass.getRows() may expose internal representation by returning RowSetDynaClass.rows	MALICIOUS_CODE	EI_EXPOSE_REP	250	Medium