SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.8.5
Threshold is medium
Effort is default
Summary
| Classes |
Bugs |
Errors |
Missing Classes |
| 114 |
34 |
0 |
0 |
org.apache.commons.codec.binary.Base32
| Bug |
Category |
Details |
Line |
Priority |
| Exception thrown in class org.apache.commons.codec.binary.Base32 at new org.apache.commons.codec.binary.Base32(int, byte[], boolean, byte, CodecPolicy) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
336 |
Medium |
| Exception thrown in class org.apache.commons.codec.binary.Base32 at new org.apache.commons.codec.binary.Base32(int, byte[], byte[], byte, CodecPolicy) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
363 |
Medium |
| Switch statement found in org.apache.commons.codec.binary.Base32.decode(byte[], int, int, BaseNCodec$Context) where one case falls through to the next case |
STYLE |
SF_SWITCH_FALLTHROUGH |
449-451 |
Medium |
org.apache.commons.codec.binary.Base64
| Bug |
Category |
Details |
Line |
Priority |
| Exception thrown in class org.apache.commons.codec.binary.Base64 at new org.apache.commons.codec.binary.Base64(int, byte[], byte, byte[], CodecPolicy) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
671 |
Medium |
| Exception thrown in class org.apache.commons.codec.binary.Base64 at new org.apache.commons.codec.binary.Base64(int, byte[], boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
612 |
Medium |
| Exception thrown in class org.apache.commons.codec.binary.Base64 at new org.apache.commons.codec.binary.Base64(int, byte[], boolean, CodecPolicy) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
644 |
Medium |
org.apache.commons.codec.binary.BaseNCodec
| Bug |
Category |
Details |
Line |
Priority |
| Unread field: org.apache.commons.codec.binary.BaseNCodec.PAD; should this field be static? |
PERFORMANCE |
SS_SHOULD_BE_STATIC |
380 |
Medium |
org.apache.commons.codec.binary.BaseNCodec$AbstractBuilder
| Bug |
Category |
Details |
Line |
Priority |
| org.apache.commons.codec.binary.BaseNCodec$AbstractBuilder.setEncodeTable(byte[]) may expose internal representation by storing an externally mutable object into BaseNCodec$AbstractBuilder.encodeTable |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
120 |
Medium |
org.apache.commons.codec.cli.Digest
| Bug |
Category |
Details |
Line |
Priority |
| Exception thrown in class org.apache.commons.codec.cli.Digest at new org.apache.commons.codec.cli.Digest(String[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
66 |
Medium |
org.apache.commons.codec.digest.Blake3
| Bug |
Category |
Details |
Line |
Priority |
| Unsigned right shift cast to short/byte in org.apache.commons.codec.digest.Blake3.packInt(int, byte[], int, int) |
STYLE |
ICAST_QUESTIONABLE_UNSIGNED_RIGHT_SHIFT |
407 |
Medium |
org.apache.commons.codec.digest.DigestUtils
| Bug |
Category |
Details |
Line |
Priority |
| Exception thrown in class org.apache.commons.codec.digest.DigestUtils at new org.apache.commons.codec.digest.DigestUtils(String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
1408 |
Medium |
org.apache.commons.codec.digest.MurmurHash2
| Bug |
Category |
Details |
Line |
Priority |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash2.hash32(byte[], int, int) where one case falls through to the next case |
STYLE |
SF_SWITCH_FALLTHROUGH |
141-143 |
Medium |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash2.hash32(byte[], int, int) where default case is missing |
STYLE |
SF_SWITCH_NO_DEFAULT |
139-146 |
Medium |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash2.hash64(byte[], int, int) where default case is missing |
STYLE |
SF_SWITCH_NO_DEFAULT |
247-262 |
Medium |
org.apache.commons.codec.digest.MurmurHash3
| Bug |
Category |
Details |
Line |
Priority |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash3.hash32(byte[], int, int, int) where one case falls through to the next case |
STYLE |
SF_SWITCH_FALLTHROUGH |
718-720 |
Medium |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash3.hash32x86(byte[], int, int, int) where one case falls through to the next case |
STYLE |
SF_SWITCH_FALLTHROUGH |
915-917 |
Medium |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash3.hash128x64Internal(byte[], int, int, long) where default case is missing |
STYLE |
SF_SWITCH_NO_DEFAULT |
549-588 |
Medium |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash3.hash32(byte[], int, int, int) where default case is missing |
STYLE |
SF_SWITCH_NO_DEFAULT |
716-728 |
Medium |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash3.hash32x86(byte[], int, int, int) where default case is missing |
STYLE |
SF_SWITCH_NO_DEFAULT |
913-925 |
Medium |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash3.hash64(byte[], int, int, int) where default case is missing |
STYLE |
SF_SWITCH_NO_DEFAULT |
1049-1067 |
Medium |
org.apache.commons.codec.digest.MurmurHash3$IncrementalHash32
| Bug |
Category |
Details |
Line |
Priority |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash3$IncrementalHash32.finalise(int, int, byte[], int) where one case falls through to the next case |
STYLE |
SF_SWITCH_FALLTHROUGH |
95-97 |
Medium |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash3$IncrementalHash32.finalise(int, int, byte[], int) where default case is missing |
STYLE |
SF_SWITCH_NO_DEFAULT |
93-105 |
Medium |
org.apache.commons.codec.digest.MurmurHash3$IncrementalHash32x86
| Bug |
Category |
Details |
Line |
Priority |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash3$IncrementalHash32x86.finalise(int, int, byte[], int) where one case falls through to the next case |
STYLE |
SF_SWITCH_FALLTHROUGH |
262-264 |
Medium |
| Switch statement found in org.apache.commons.codec.digest.MurmurHash3$IncrementalHash32x86.finalise(int, int, byte[], int) where default case is missing |
STYLE |
SF_SWITCH_NO_DEFAULT |
260-272 |
Medium |
org.apache.commons.codec.digest.PureJavaCrc32C
| Bug |
Category |
Details |
Line |
Priority |
| Switch statement found in org.apache.commons.codec.digest.PureJavaCrc32C.update(byte[], int, int) where default case is missing |
STYLE |
SF_SWITCH_NO_DEFAULT |
621-635 |
Medium |
org.apache.commons.codec.language.DoubleMetaphone$DoubleMetaphoneResult
| Bug |
Category |
Details |
Line |
Priority |
| new org.apache.commons.codec.language.DoubleMetaphone$DoubleMetaphoneResult(DoubleMetaphone, int) may expose internal representation by storing an externally mutable object into DoubleMetaphone$DoubleMetaphoneResult.this$0 |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
48 |
Medium |
org.apache.commons.codec.language.bm.Languages
| Bug |
Category |
Details |
Line |
Priority |
| org.apache.commons.codec.language.bm.Languages.getLanguages() may expose internal representation by returning Languages.languages |
MALICIOUS_CODE |
EI_EXPOSE_REP |
284 |
Medium |
org.apache.commons.codec.language.bm.PhoneticEngine
| Bug |
Category |
Details |
Line |
Priority |
| Exception thrown in class org.apache.commons.codec.language.bm.PhoneticEngine at new org.apache.commons.codec.language.bm.PhoneticEngine(NameType, RuleType, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
276 |
Medium |
| Exception thrown in class org.apache.commons.codec.language.bm.PhoneticEngine at new org.apache.commons.codec.language.bm.PhoneticEngine(NameType, RuleType, boolean, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
294 |
Medium |
org.apache.commons.codec.language.bm.Rule$Phoneme
| Bug |
Category |
Details |
Line |
Priority |
| org.apache.commons.codec.language.bm.Rule$Phoneme.getPhonemeText() may expose internal representation by returning Rule$Phoneme.phonemeText |
MALICIOUS_CODE |
EI_EXPOSE_REP |
142 |
Medium |
org.apache.commons.codec.language.bm.Rule$PhonemeList
| Bug |
Category |
Details |
Line |
Priority |
| org.apache.commons.codec.language.bm.Rule$PhonemeList.getPhonemes() may expose internal representation by returning Rule$PhonemeList.phonemeList |
MALICIOUS_CODE |
EI_EXPOSE_REP |
205 |
Medium |
| new org.apache.commons.codec.language.bm.Rule$PhonemeList(List) may expose internal representation by storing an externally mutable object into Rule$PhonemeList.phonemeList |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
200 |
Medium |
org.apache.commons.codec.net.PercentCodec
| Bug |
Category |
Details |
Line |
Priority |
| Exception thrown in class org.apache.commons.codec.net.PercentCodec at new org.apache.commons.codec.net.PercentCodec() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
69 |
Medium |
| Exception thrown in class org.apache.commons.codec.net.PercentCodec at new org.apache.commons.codec.net.PercentCodec(byte[], boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
82 |
Medium |
|
