SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.8.5
Threshold is medium
Effort is default
Summary
Classes |
Bugs |
Errors |
Missing Classes |
587 |
179 |
0 |
0 |
org.apache.commons.collections4.MapUtils
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.MapUtils.getBoolean(Map, Object) has Boolean return type and returns explicit null |
BAD_PRACTICE |
NP_BOOLEAN_RETURN_NULL |
242 |
Medium |
org.apache.commons.collections4.Predicate
Bug |
Category |
Details |
Line |
Priority |
The class name org.apache.commons.collections4.Predicate shadows the simple name of implemented interface java.util.function.Predicate |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_INTERFACE |
54 |
Medium |
org.apache.commons.collections4.bag.AbstractMapBag
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.bag.AbstractMapBag.uniqueSet() may expose internal representation by returning AbstractMapBag.uniqueSet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
601 |
Medium |
org.apache.commons.collections4.bidimap.AbstractDualBidiMap
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.bidimap.AbstractDualBidiMap.entrySet() may expose internal representation by returning AbstractDualBidiMap.entrySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
709 |
Medium |
org.apache.commons.collections4.bidimap.AbstractDualBidiMap.inverseBidiMap() may expose internal representation by returning AbstractDualBidiMap.inverseBidiMap |
MALICIOUS_CODE |
EI_EXPOSE_REP |
737 |
Medium |
org.apache.commons.collections4.bidimap.AbstractDualBidiMap.keySet() may expose internal representation by returning AbstractDualBidiMap.keySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
758 |
Medium |
org.apache.commons.collections4.bidimap.AbstractDualBidiMap.values() may expose internal representation by returning AbstractDualBidiMap.values |
MALICIOUS_CODE |
EI_EXPOSE_REP |
836 |
Medium |
org.apache.commons.collections4.bidimap.AbstractDualBidiMap$EntrySetIterator
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.bidimap.AbstractDualBidiMap$EntrySetIterator.next() may expose internal representation by returning AbstractDualBidiMap$EntrySetIterator.last |
MALICIOUS_CODE |
EI_EXPOSE_REP |
226 |
Medium |
org.apache.commons.collections4.bidimap.DualLinkedHashBidiMap
Bug |
Category |
Details |
Line |
Priority |
Overridable method putAll is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
95 |
Medium |
org.apache.commons.collections4.bidimap.TreeBidiMap
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.bidimap.TreeBidiMap at new org.apache.commons.collections4.bidimap.TreeBidiMap(Map) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
1022 |
Medium |
Do not catch NullPointerException like in org.apache.commons.collections4.bidimap.TreeBidiMap.doEquals(Object, TreeBidiMap$DataElement) |
STYLE |
DCN_NULLPOINTER_EXCEPTION |
1118 |
Medium |
org.apache.commons.collections4.bidimap.TreeBidiMap.entrySet() may expose internal representation by returning TreeBidiMap.entrySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
1491 |
Medium |
org.apache.commons.collections4.bidimap.TreeBidiMap.inverseBidiMap() may expose internal representation by returning TreeBidiMap.inverse |
MALICIOUS_CODE |
EI_EXPOSE_REP |
1702 |
Medium |
org.apache.commons.collections4.bidimap.TreeBidiMap.keySet() may expose internal representation by returning TreeBidiMap.keySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
1732 |
Medium |
org.apache.commons.collections4.bidimap.TreeBidiMap.values() may expose internal representation by returning TreeBidiMap.valuesSet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
2218 |
Medium |
org.apache.commons.collections4.bidimap.TreeBidiMap.equals(Object) is unusual |
STYLE |
EQ_UNUSUAL |
1502 |
Medium |
Overridable method put is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
1979 |
Medium |
Overridable method readInt is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
1975 |
Medium |
org.apache.commons.collections4.bidimap.TreeBidiMap$Inverse
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.bidimap.TreeBidiMap$Inverse.equals(Object) is unusual |
STYLE |
EQ_UNUSUAL |
295 |
Medium |
org.apache.commons.collections4.bidimap.UnmodifiableBidiMap
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.bidimap.UnmodifiableBidiMap.inverseBidiMap() may expose internal representation by returning UnmodifiableBidiMap.inverse |
MALICIOUS_CODE |
EI_EXPOSE_REP |
94 |
Medium |
Inconsistent synchronization of org.apache.commons.collections4.bidimap.UnmodifiableBidiMap.inverse; locked 80% of time |
MT_CORRECTNESS |
IS2_INCONSISTENT_SYNC |
92 |
Medium |
org.apache.commons.collections4.bidimap.UnmodifiableOrderedBidiMap
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.bidimap.UnmodifiableOrderedBidiMap.inverseOrderedBidiMap() may expose internal representation by returning UnmodifiableOrderedBidiMap.inverse |
MALICIOUS_CODE |
EI_EXPOSE_REP |
104 |
Medium |
org.apache.commons.collections4.bidimap.UnmodifiableSortedBidiMap
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.bidimap.UnmodifiableSortedBidiMap.inverseBidiMap() may expose internal representation by returning UnmodifiableSortedBidiMap.inverse |
MALICIOUS_CODE |
EI_EXPOSE_REP |
102 |
Medium |
org.apache.commons.collections4.bloomfilter.BitMapExtractor$1Bits
Bug |
Category |
Details |
Line |
Priority |
Uncallable method org.apache.commons.collections4.bloomfilter.BitMapExtractor$1Bits.add(long) defined in anonymous class |
CORRECTNESS |
UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS |
102-110 |
Medium |
org.apache.commons.collections4.bloomfilter.CellExtractor$1$CounterCell
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.bloomfilter.CellExtractor$1$CounterCell defines compareTo(CellExtractor$1$CounterCell) and uses Object.equals() |
BAD_PRACTICE |
EQ_COMPARETO_USE_OBJECT_EQUALS |
102 |
Medium |
org.apache.commons.collections4.bloomfilter.EnhancedDoubleHasher
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.bloomfilter.EnhancedDoubleHasher at new org.apache.commons.collections4.bloomfilter.EnhancedDoubleHasher(byte[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
98 |
Medium |
org.apache.commons.collections4.bloomfilter.IndexExtractor$1Indices
Bug |
Category |
Details |
Line |
Priority |
Uncallable method org.apache.commons.collections4.bloomfilter.IndexExtractor$1Indices.add(int) defined in anonymous class |
CORRECTNESS |
UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS |
109-111 |
Medium |
org.apache.commons.collections4.bloomfilter.LayerManager
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.bloomfilter.LayerManager at new org.apache.commons.collections4.bloomfilter.LayerManager(Supplier, Predicate, Consumer, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
304 |
Medium |
org.apache.commons.collections4.bloomfilter.LayeredBloomFilter
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.bloomfilter.LayeredBloomFilter(Shape, LayerManager) may expose internal representation by storing an externally mutable object into LayeredBloomFilter.layerManager |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
105 |
Medium |
org.apache.commons.collections4.bloomfilter.WrappedBloomFilter
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.bloomfilter.WrappedBloomFilter(BloomFilter) may expose internal representation by storing an externally mutable object into WrappedBloomFilter.wrapped |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
36 |
Medium |
org.apache.commons.collections4.collection.CompositeCollection
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.collection.CompositeCollection.setMutator(CompositeCollection$CollectionMutator) may expose internal representation by storing an externally mutable object into CompositeCollection.mutator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
433 |
Medium |
org.apache.commons.collections4.collection.IndexedCollection
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.collection.IndexedCollection at new org.apache.commons.collections4.collection.IndexedCollection(Collection, Transformer, MultiMap, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
113 |
Medium |
new org.apache.commons.collections4.collection.IndexedCollection(Collection, Transformer, MultiMap, boolean) may expose internal representation by storing an externally mutable object into IndexedCollection.index |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
111 |
Medium |
org.apache.commons.collections4.collection.PredicatedCollection
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.collection.PredicatedCollection at new org.apache.commons.collections4.collection.PredicatedCollection(Collection, Predicate) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
377 |
Medium |
org.apache.commons.collections4.comparators.BooleanComparator
Bug |
Category |
Details |
Line |
Priority |
Class (org.apache.commons.collections4.comparators.BooleanComparator) using singleton design pattern has non-private constructor. |
CORRECTNESS |
SING_SINGLETON_HAS_NONPRIVATE_CONSTRUCTOR |
110-111 |
Medium |
Class (org.apache.commons.collections4.comparators.BooleanComparator) using singleton design pattern directly or indirectly implements Serializable interface. |
CORRECTNESS |
SING_SINGLETON_IMPLEMENTS_SERIALIZABLE |
32-186 |
Medium |
org.apache.commons.collections4.comparators.ComparatorChain
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.comparators.ComparatorChain(List, BitSet) may expose internal representation by storing an externally mutable object into ComparatorChain.comparatorChain |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
130 |
Medium |
new org.apache.commons.collections4.comparators.ComparatorChain(List, BitSet) may expose internal representation by storing an externally mutable object into ComparatorChain.orderingBits |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
131 |
Medium |
org.apache.commons.collections4.comparators.FixedOrderComparator
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.comparators.FixedOrderComparator at new org.apache.commons.collections4.comparators.FixedOrderComparator(List) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
96 |
Medium |
Exception thrown in class org.apache.commons.collections4.comparators.FixedOrderComparator at new org.apache.commons.collections4.comparators.FixedOrderComparator(Object[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
111 |
Medium |
org.apache.commons.collections4.functors.InstantiateFactory
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.functors.InstantiateFactory at new org.apache.commons.collections4.functors.InstantiateFactory(Class) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
85 |
Medium |
Exception thrown in class org.apache.commons.collections4.functors.InstantiateFactory at new org.apache.commons.collections4.functors.InstantiateFactory(Class, Class[], Object[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
100 |
Medium |
org.apache.commons.collections4.functors.MapTransformer
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.functors.MapTransformer.getMap() may expose internal representation by returning MapTransformer.iMap |
MALICIOUS_CODE |
EI_EXPOSE_REP |
72 |
Medium |
org.apache.commons.collections4.iterators.ArrayIterator
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.iterators.ArrayIterator at new org.apache.commons.collections4.iterators.ArrayIterator(Object) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
58 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.ArrayIterator at new org.apache.commons.collections4.iterators.ArrayIterator(Object, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
72 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.ArrayIterator at new org.apache.commons.collections4.iterators.ArrayIterator(Object, int, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
92 |
Medium |
org.apache.commons.collections4.iterators.BoundedIterator
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.iterators.BoundedIterator at new org.apache.commons.collections4.iterators.BoundedIterator(Iterator, long, long) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
67 |
Medium |
org.apache.commons.collections4.iterators.CollatingIterator
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.iterators.CollatingIterator at new org.apache.commons.collections4.iterators.CollatingIterator() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
69 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.CollatingIterator at new org.apache.commons.collections4.iterators.CollatingIterator(Comparator) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
81 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.CollatingIterator at new org.apache.commons.collections4.iterators.CollatingIterator(Comparator, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
116 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.CollatingIterator at new org.apache.commons.collections4.iterators.CollatingIterator(Comparator, Collection) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
97 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.CollatingIterator at new org.apache.commons.collections4.iterators.CollatingIterator(Comparator, Iterator, Iterator) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
132 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.CollatingIterator at new org.apache.commons.collections4.iterators.CollatingIterator(Comparator, Iterator[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
148 |
Medium |
org.apache.commons.collections4.iterators.EntrySetMapIterator
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.iterators.EntrySetMapIterator(Map) may expose internal representation by storing an externally mutable object into EntrySetMapIterator.map |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
54 |
Medium |
org.apache.commons.collections4.iterators.EnumerationIterator
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.iterators.EnumerationIterator(Enumeration, Collection) may expose internal representation by storing an externally mutable object into EnumerationIterator.collection |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
67 |
Medium |
org.apache.commons.collections4.iterators.FilterIterator
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.iterators.FilterIterator.getIterator() may expose internal representation by returning FilterIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP |
79 |
Medium |
new org.apache.commons.collections4.iterators.FilterIterator(Iterator) may expose internal representation by storing an externally mutable object into FilterIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
58 |
Medium |
new org.apache.commons.collections4.iterators.FilterIterator(Iterator, Predicate) may expose internal representation by storing an externally mutable object into FilterIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
69 |
Medium |
org.apache.commons.collections4.iterators.FilterIterator.setIterator(Iterator) may expose internal representation by storing an externally mutable object into FilterIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
146 |
Medium |
org.apache.commons.collections4.iterators.FilterListIterator
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.iterators.FilterListIterator.getListIterator() may expose internal representation by returning FilterListIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP |
134 |
Medium |
new org.apache.commons.collections4.iterators.FilterListIterator(ListIterator) may expose internal representation by storing an externally mutable object into FilterListIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
85 |
Medium |
new org.apache.commons.collections4.iterators.FilterListIterator(ListIterator, Predicate) may expose internal representation by storing an externally mutable object into FilterListIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
95 |
Medium |
org.apache.commons.collections4.iterators.FilterListIterator.setListIterator(ListIterator) may expose internal representation by storing an externally mutable object into FilterListIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
211 |
Medium |
org.apache.commons.collections4.iterators.IteratorChain
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.iterators.IteratorChain at new org.apache.commons.collections4.iterators.IteratorChain(Collection) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
95 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.IteratorChain at new org.apache.commons.collections4.iterators.IteratorChain(Iterator) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
113 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.IteratorChain at new org.apache.commons.collections4.iterators.IteratorChain(Iterator, Iterator) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
142 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.IteratorChain at new org.apache.commons.collections4.iterators.IteratorChain(Iterator[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
127 |
Medium |
org.apache.commons.collections4.iterators.IteratorEnumeration
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.iterators.IteratorEnumeration.getIterator() may expose internal representation by returning IteratorEnumeration.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP |
57 |
Medium |
new org.apache.commons.collections4.iterators.IteratorEnumeration(Iterator) may expose internal representation by storing an externally mutable object into IteratorEnumeration.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
48 |
Medium |
org.apache.commons.collections4.iterators.IteratorEnumeration.setIterator(Iterator) may expose internal representation by storing an externally mutable object into IteratorEnumeration.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
88 |
Medium |
org.apache.commons.collections4.iterators.IteratorIterable
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.iterators.IteratorIterable.iterator() may expose internal representation by returning IteratorIterable.typeSafeIterator |
MALICIOUS_CODE |
EI_EXPOSE_REP |
136 |
Medium |
new org.apache.commons.collections4.iterators.IteratorIterable(Iterator, boolean) may expose internal representation by storing an externally mutable object into IteratorIterable.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
121 |
Medium |
org.apache.commons.collections4.iterators.ObjectArrayIterator
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.iterators.ObjectArrayIterator at new org.apache.commons.collections4.iterators.ObjectArrayIterator(Object[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
54 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.ObjectArrayIterator at new org.apache.commons.collections4.iterators.ObjectArrayIterator(Object[], int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
67 |
Medium |
Exception thrown in class org.apache.commons.collections4.iterators.ObjectArrayIterator at new org.apache.commons.collections4.iterators.ObjectArrayIterator(Object[], int, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
83 |
Medium |
org.apache.commons.collections4.iterators.ObjectArrayIterator.getArray() may expose internal representation by returning ObjectArrayIterator.array |
MALICIOUS_CODE |
EI_EXPOSE_REP |
106 |
Medium |
new org.apache.commons.collections4.iterators.ObjectArrayIterator(Object[], int, int) may expose internal representation by storing an externally mutable object into ObjectArrayIterator.array |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
94 |
Medium |
org.apache.commons.collections4.iterators.ObjectGraphIterator
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.iterators.ObjectGraphIterator(Object, Transformer) may expose internal representation by storing an externally mutable object into ObjectGraphIterator.currentIterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
107 |
Medium |
new org.apache.commons.collections4.iterators.ObjectGraphIterator(Iterator) may expose internal representation by storing an externally mutable object into ObjectGraphIterator.currentIterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
125 |
Medium |
org.apache.commons.collections4.iterators.PeekingIterator
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.iterators.PeekingIterator(Iterator) may expose internal representation by storing an externally mutable object into PeekingIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
73 |
Medium |
org.apache.commons.collections4.iterators.PushbackIterator
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.iterators.PushbackIterator(Iterator) may expose internal representation by storing an externally mutable object into PushbackIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
70 |
Medium |
org.apache.commons.collections4.iterators.SkippingIterator
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.iterators.SkippingIterator at new org.apache.commons.collections4.iterators.SkippingIterator(Iterator, long) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
56 |
Medium |
org.apache.commons.collections4.iterators.TransformIterator
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.iterators.TransformIterator.getIterator() may expose internal representation by returning TransformIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP |
73 |
Medium |
new org.apache.commons.collections4.iterators.TransformIterator(Iterator) may expose internal representation by storing an externally mutable object into TransformIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
50 |
Medium |
new org.apache.commons.collections4.iterators.TransformIterator(Iterator, Transformer) may expose internal representation by storing an externally mutable object into TransformIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
63 |
Medium |
org.apache.commons.collections4.iterators.TransformIterator.setIterator(Iterator) may expose internal representation by storing an externally mutable object into TransformIterator.iterator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
115 |
Medium |
org.apache.commons.collections4.keyvalue.MultiKey
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.keyvalue.MultiKey at new org.apache.commons.collections4.keyvalue.MultiKey(Object, Object, Object) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
145 |
Medium |
Exception thrown in class org.apache.commons.collections4.keyvalue.MultiKey at new org.apache.commons.collections4.keyvalue.MultiKey(Object, Object, Object, Object) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
160 |
Medium |
Exception thrown in class org.apache.commons.collections4.keyvalue.MultiKey at new org.apache.commons.collections4.keyvalue.MultiKey(Object, Object, Object, Object, Object) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
176 |
Medium |
org.apache.commons.collections4.keyvalue.TiedMapEntry
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.keyvalue.TiedMapEntry(Map, Object) may expose internal representation by storing an externally mutable object into TiedMapEntry.map |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
53 |
Medium |
org.apache.commons.collections4.list.AbstractLinkedList
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.list.AbstractLinkedList at new org.apache.commons.collections4.list.AbstractLinkedList(Collection) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
537 |
Medium |
org.apache.commons.collections4.list.AbstractLinkedList$LinkedListIterator
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.list.AbstractLinkedList$LinkedListIterator at new org.apache.commons.collections4.list.AbstractLinkedList$LinkedListIterator(AbstractLinkedList, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
112 |
Medium |
org.apache.commons.collections4.list.AbstractLinkedList$LinkedSubList
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.list.AbstractLinkedList$LinkedSubList at new org.apache.commons.collections4.list.AbstractLinkedList$LinkedSubList(AbstractLinkedList, int, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
240 |
Medium |
org.apache.commons.collections4.list.AbstractLinkedListForJava21
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.list.AbstractLinkedListForJava21 at new org.apache.commons.collections4.list.AbstractLinkedListForJava21(Collection) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
537 |
Medium |
org.apache.commons.collections4.list.AbstractLinkedListForJava21$LinkedListIterator
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.list.AbstractLinkedListForJava21$LinkedListIterator at new org.apache.commons.collections4.list.AbstractLinkedListForJava21$LinkedListIterator(AbstractLinkedListForJava21, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
112 |
Medium |
org.apache.commons.collections4.list.AbstractLinkedListForJava21$LinkedSubList
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.list.AbstractLinkedListForJava21$LinkedSubList at new org.apache.commons.collections4.list.AbstractLinkedListForJava21$LinkedSubList(AbstractLinkedListForJava21, int, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
240 |
Medium |
org.apache.commons.collections4.list.AbstractSerializableListDecorator
Bug |
Category |
Details |
Line |
Priority |
Overridable method setCollection is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
56 |
Medium |
org.apache.commons.collections4.list.NodeCachingLinkedList
Bug |
Category |
Details |
Line |
Priority |
Overridable method doReadObject is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
183 |
Medium |
org.apache.commons.collections4.map.AbstractHashedMap
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.map.AbstractHashedMap at new org.apache.commons.collections4.map.AbstractHashedMap(int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
501 |
Medium |
Exception thrown in class org.apache.commons.collections4.map.AbstractHashedMap at new org.apache.commons.collections4.map.AbstractHashedMap(int, float) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
516 |
Medium |
Exception thrown in class org.apache.commons.collections4.map.AbstractHashedMap at new org.apache.commons.collections4.map.AbstractHashedMap(Map) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
550 |
Medium |
Do not catch NullPointerException like in org.apache.commons.collections4.map.AbstractHashedMap.equals(Object) |
STYLE |
DCN_NULLPOINTER_EXCEPTION |
1039 |
Medium |
org.apache.commons.collections4.map.AbstractHashedMap.entrySet() may expose internal representation by returning AbstractHashedMap.entrySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
990 |
Medium |
org.apache.commons.collections4.map.AbstractHashedMap.keySet() may expose internal representation by returning AbstractHashedMap.keySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
1189 |
Medium |
org.apache.commons.collections4.map.AbstractHashedMap.values() may expose internal representation by returning AbstractHashedMap.values |
MALICIOUS_CODE |
EI_EXPOSE_REP |
1400 |
Medium |
Overridable method init is called from method clone() in class org.apache.commons.collections4.map.AbstractHashedMap. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_CLONE |
692 |
Medium |
org.apache.commons.collections4.map.AbstractHashedMap$HashIterator
Bug |
Category |
Details |
Line |
Priority |
Self assignment of field AbstractHashedMap$HashIterator.hashIndex in org.apache.commons.collections4.map.AbstractHashedMap$HashIterator.nextEntry() |
CORRECTNESS |
SA_FIELD_SELF_ASSIGNMENT |
263 |
High |
org.apache.commons.collections4.map.AbstractLinkedMap$LinkEntry
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.map.AbstractLinkedMap$LinkEntry doesn't override AbstractHashedMap$HashEntry.equals(Object) |
STYLE |
EQ_DOESNT_OVERRIDE_EQUALS |
1 |
Medium |
org.apache.commons.collections4.map.AbstractReferenceMap
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.map.AbstractReferenceMap.entrySet() may expose internal representation by returning AbstractHashedMap.entrySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
873 |
Medium |
org.apache.commons.collections4.map.AbstractReferenceMap.keySet() may expose internal representation by returning AbstractHashedMap.keySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
983 |
Medium |
org.apache.commons.collections4.map.AbstractReferenceMap.values() may expose internal representation by returning AbstractHashedMap.values |
MALICIOUS_CODE |
EI_EXPOSE_REP |
1119 |
Medium |
org.apache.commons.collections4.map.AbstractReferenceMap$ReferenceBaseIterator
Bug |
Category |
Details |
Line |
Priority |
Self assignment of field AbstractReferenceMap$ReferenceBaseIterator.index in org.apache.commons.collections4.map.AbstractReferenceMap$ReferenceBaseIterator.hasNext() |
CORRECTNESS |
SA_FIELD_SELF_ASSIGNMENT |
143 |
High |
Self assignment of field AbstractReferenceMap$ReferenceBaseIterator.next in org.apache.commons.collections4.map.AbstractReferenceMap$ReferenceBaseIterator.hasNext() |
CORRECTNESS |
SA_FIELD_SELF_ASSIGNMENT |
142 |
High |
Unread field: org.apache.commons.collections4.map.AbstractReferenceMap$ReferenceBaseIterator.currentValue |
PERFORMANCE |
URF_UNREAD_FIELD |
164 |
Medium |
org.apache.commons.collections4.map.AbstractReferenceMap$ReferenceEntry
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.map.AbstractReferenceMap$ReferenceEntry at new org.apache.commons.collections4.map.AbstractReferenceMap$ReferenceEntry(AbstractReferenceMap, AbstractHashedMap$HashEntry, int, Object, Object) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
215 |
Medium |
new org.apache.commons.collections4.map.AbstractReferenceMap$ReferenceEntry(AbstractReferenceMap, AbstractHashedMap$HashEntry, int, Object, Object) may expose internal representation by storing an externally mutable object into AbstractReferenceMap$ReferenceEntry.parent |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
214 |
Medium |
org.apache.commons.collections4.map.CompositeMap
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.map.CompositeMap at new org.apache.commons.collections4.map.CompositeMap() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
132 |
Medium |
Exception thrown in class org.apache.commons.collections4.map.CompositeMap at new org.apache.commons.collections4.map.CompositeMap(Map, Map) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
155 |
Medium |
Exception thrown in class org.apache.commons.collections4.map.CompositeMap at new org.apache.commons.collections4.map.CompositeMap(Map, Map, CompositeMap$MapMutator) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
167 |
Medium |
Exception thrown in class org.apache.commons.collections4.map.CompositeMap at new org.apache.commons.collections4.map.CompositeMap(Map[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
143 |
Medium |
Exception thrown in class org.apache.commons.collections4.map.CompositeMap at new org.apache.commons.collections4.map.CompositeMap(Map[], CompositeMap$MapMutator) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
182 |
Medium |
new org.apache.commons.collections4.map.CompositeMap(Map[], CompositeMap$MapMutator) may expose internal representation by storing an externally mutable object into CompositeMap.mutator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
179 |
Medium |
org.apache.commons.collections4.map.CompositeMap.setMutator(CompositeMap$MapMutator) may expose internal representation by storing an externally mutable object into CompositeMap.mutator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
526 |
Medium |
org.apache.commons.collections4.map.EntrySetToMapIteratorAdapter
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.map.EntrySetToMapIteratorAdapter(Set) may expose internal representation by storing an externally mutable object into EntrySetToMapIteratorAdapter.entrySet |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
50 |
Medium |
org.apache.commons.collections4.map.Flat3Map
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.map.Flat3Map at new org.apache.commons.collections4.map.Flat3Map(Map) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
551 |
Medium |
Overridable method createDelegateMap is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
1040 |
Medium |
Overridable method put is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
1043 |
Medium |
Overridable method readInt is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
1038 |
Medium |
Switch statement found in org.apache.commons.collections4.map.Flat3Map.convertToMap() where one case falls through to the next case |
STYLE |
SF_SWITCH_FALLTHROUGH |
691-693 |
Medium |
Switch statement found in org.apache.commons.collections4.map.Flat3Map.hashCode() where one case falls through to the next case |
STYLE |
SF_SWITCH_FALLTHROUGH |
856-858 |
Medium |
Switch statement found in org.apache.commons.collections4.map.Flat3Map.toString() where one case falls through to the next case |
STYLE |
SF_SWITCH_FALLTHROUGH |
1231-1233 |
Medium |
org.apache.commons.collections4.map.LRUMap
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.map.LRUMap at new org.apache.commons.collections4.map.LRUMap(int, float, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
132 |
Medium |
Exception thrown in class org.apache.commons.collections4.map.LRUMap at new org.apache.commons.collections4.map.LRUMap(int, int, float) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
161 |
Medium |
Exception thrown in class org.apache.commons.collections4.map.LRUMap at new org.apache.commons.collections4.map.LRUMap(int, int, float, boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
183 |
Medium |
Do not catch NullPointerException like in org.apache.commons.collections4.map.LRUMap.reuseMapping(AbstractLinkedMap$LinkEntry, int, int, Object, Object) |
STYLE |
DCN_NULLPOINTER_EXCEPTION |
494 |
Medium |
Overridable method doReadObject is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
416 |
Medium |
org.apache.commons.collections4.map.MultiValueMap
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.map.MultiValueMap at new org.apache.commons.collections4.map.MultiValueMap() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
226 |
Medium |
Exception thrown in class org.apache.commons.collections4.map.MultiValueMap at new org.apache.commons.collections4.map.MultiValueMap(Map, Factory) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
242 |
Medium |
org.apache.commons.collections4.map.SingletonMap
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.map.SingletonMap at new org.apache.commons.collections4.map.SingletonMap(Map) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
239 |
Medium |
org.apache.commons.collections4.multimap.AbstractMultiValuedMap
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.multimap.AbstractMultiValuedMap.keys() may expose internal representation by returning AbstractMultiValuedMap.keysMultiSetView |
MALICIOUS_CODE |
EI_EXPOSE_REP |
723 |
Medium |
org.apache.commons.collections4.multiset.AbstractMultiSet
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.multiset.AbstractMultiSet.entrySet() may expose internal representation by returning AbstractMultiSet.entrySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
353 |
Medium |
org.apache.commons.collections4.multiset.AbstractMultiSet.uniqueSet() may expose internal representation by returning AbstractMultiSet.uniqueSet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
486 |
Medium |
org.apache.commons.collections4.properties.OrderedProperties
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.properties.OrderedProperties.keySet() may expose internal representation by returning OrderedProperties.orderedKeys |
MALICIOUS_CODE |
EI_EXPOSE_REP |
93 |
Medium |
org.apache.commons.collections4.properties.OrderedProperties doesn't override java.util.Properties.equals(Object) |
STYLE |
EQ_DOESNT_OVERRIDE_EQUALS |
1 |
Medium |
org.apache.commons.collections4.properties.PropertiesFactory$EmptyProperties
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.properties.PropertiesFactory$EmptyProperties.getProperty(String, String) is unsynchronized, org.apache.commons.collections4.properties.PropertiesFactory$EmptyProperties.setProperty(String, String) is synchronized |
MT_CORRECTNESS |
UG_SYNC_SET_UNSYNC_GET |
127 |
Medium |
org.apache.commons.collections4.queue.CircularFifoQueue
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.queue.CircularFifoQueue at new org.apache.commons.collections4.queue.CircularFifoQueue() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
84 |
Medium |
Exception thrown in class org.apache.commons.collections4.queue.CircularFifoQueue at new org.apache.commons.collections4.queue.CircularFifoQueue(int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
108 |
Medium |
Exception thrown in class org.apache.commons.collections4.queue.CircularFifoQueue at new org.apache.commons.collections4.queue.CircularFifoQueue(Collection) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
95 |
Medium |
Overridable method readInt is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
362 |
Medium |
org.apache.commons.collections4.sequence.SequencesComparator
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.sequence.SequencesComparator(List, List, Equator) may expose internal representation by storing an externally mutable object into SequencesComparator.sequence1 |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
164 |
Medium |
new org.apache.commons.collections4.sequence.SequencesComparator(List, List, Equator) may expose internal representation by storing an externally mutable object into SequencesComparator.sequence2 |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
165 |
Medium |
org.apache.commons.collections4.set.AbstractSerializableSetDecorator
Bug |
Category |
Details |
Line |
Priority |
Overridable method setCollection is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
57 |
Medium |
org.apache.commons.collections4.set.CompositeSet
Bug |
Category |
Details |
Line |
Priority |
Exception thrown in class org.apache.commons.collections4.set.CompositeSet at new org.apache.commons.collections4.set.CompositeSet(Set) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
129 |
Medium |
Exception thrown in class org.apache.commons.collections4.set.CompositeSet at new org.apache.commons.collections4.set.CompositeSet(Set[]) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
138 |
Medium |
org.apache.commons.collections4.set.CompositeSet.setMutator(CompositeSet$SetMutator) may expose internal representation by storing an externally mutable object into CompositeSet.mutator |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
455 |
Medium |
org.apache.commons.collections4.trie.AbstractPatriciaTrie
Bug |
Category |
Details |
Line |
Priority |
org.apache.commons.collections4.trie.AbstractPatriciaTrie.entrySet() may expose internal representation by returning AbstractPatriciaTrie.entrySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
1420 |
Medium |
org.apache.commons.collections4.trie.AbstractPatriciaTrie.keySet() may expose internal representation by returning AbstractPatriciaTrie.keySet |
MALICIOUS_CODE |
EI_EXPOSE_REP |
1694 |
Medium |
org.apache.commons.collections4.trie.AbstractPatriciaTrie.values() may expose internal representation by returning AbstractPatriciaTrie.values |
MALICIOUS_CODE |
EI_EXPOSE_REP |
2431 |
Medium |
Overridable method put is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
2071 |
Medium |
Overridable method readInt is called from readObject. |
MALICIOUS_CODE |
MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT |
2067 |
Medium |
org.apache.commons.collections4.trie.AbstractPatriciaTrie$PrefixRangeMap
Bug |
Category |
Details |
Line |
Priority |
Potentially ambiguous invocation of either an outer or inherited method java.util.AbstractMap.keySet() in org.apache.commons.collections4.trie.AbstractPatriciaTrie$PrefixRangeMap.clear() |
STYLE |
IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD |
562 |
High |
org.apache.commons.collections4.trie.AbstractPatriciaTrie$TrieEntry
Bug |
Category |
Details |
Line |
Priority |
new org.apache.commons.collections4.trie.AbstractPatriciaTrie$TrieEntry(Object, Object, int) may expose internal representation by storing an externally mutable object into AbstractPatriciaTrie$TrieEntry.left |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
1006 |
Medium |
new org.apache.commons.collections4.trie.AbstractPatriciaTrie$TrieEntry(Object, Object, int) may expose internal representation by storing an externally mutable object into AbstractPatriciaTrie$TrieEntry.predecessor |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
1008 |
Medium |
|