SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.9.3
Threshold is medium
Effort is max
Summary
| Classes |
Bugs |
Errors |
Missing Classes |
| 9 |
17 |
0 |
2 |
de.gmorling.scriptabledataset.ScriptableDataSetConfig
| Bug |
Category |
Details |
Line |
Priority |
| de.gmorling.scriptabledataset.ScriptableDataSetConfig.getHandlers() may expose internal representation by returning ScriptableDataSetConfig.handlers |
MALICIOUS_CODE |
EI_EXPOSE_REP |
103 |
Medium |
de.gmorling.scriptabledataset.ScriptableDataSetTest
| Bug |
Category |
Details |
Line |
Priority |
| de.gmorling.scriptabledataset.ScriptableDataSetTest.customHandler() may fail to clean up java.io.InputStream |
EXPERIMENTAL |
OBL_UNSATISFIED_OBLIGATION |
182 |
Medium |
| de.gmorling.scriptabledataset.ScriptableDataSetTest.dataSetWithMultipleLanguages() may fail to clean up java.io.InputStream |
EXPERIMENTAL |
OBL_UNSATISFIED_OBLIGATION |
161 |
Medium |
| de.gmorling.scriptabledataset.ScriptableDataSetTest.groovyScript() may fail to clean up java.io.InputStream |
EXPERIMENTAL |
OBL_UNSATISFIED_OBLIGATION |
143 |
Medium |
| de.gmorling.scriptabledataset.ScriptableDataSetTest.jRubyScript() may fail to clean up java.io.InputStream |
EXPERIMENTAL |
OBL_UNSATISFIED_OBLIGATION |
126 |
Medium |
| de.gmorling.scriptabledataset.ScriptableDataSetTest.unknownScriptingEngine() may fail to clean up java.io.InputStream |
EXPERIMENTAL |
OBL_UNSATISFIED_OBLIGATION |
200 |
Medium |
de.gmorling.scriptabledataset.ScriptableIterator
| Bug |
Category |
Details |
Line |
Priority |
| new de.gmorling.scriptabledataset.ScriptableIterator(ITableIterator, List) may expose internal representation by storing an externally mutable object into ScriptableIterator.configurations |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
45 |
Medium |
de.gmorling.scriptabledataset.ScriptableTable
| Bug |
Category |
Details |
Line |
Priority |
| Exception thrown in class de.gmorling.scriptabledataset.ScriptableTable at new de.gmorling.scriptabledataset.ScriptableTable(ITable, List) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
75 |
Medium |
| Class de.gmorling.scriptabledataset.ScriptableTable holds a map-type field de.gmorling.scriptabledataset.ScriptableTable.enginesByPrefix, but uses it as only a List |
CORRECTNESS |
DMC_DUBIOUS_MAP_COLLECTION |
Not available |
Medium |
| Constrained method de.gmorling.scriptabledataset.ScriptableTable.getValue(int, String) converts checked exception to unchecked instead of another allowable checked exception |
STYLE |
EXS_EXCEPTION_SOFTENING_HAS_CHECKED |
133 |
Medium |
| Method new de.gmorling.scriptabledataset.ScriptableTable(ITable, List) does not presize the allocation of a collection |
PERFORMANCE |
PSC_PRESIZE_COLLECTIONS |
77 |
Medium |
| Method new de.gmorling.scriptabledataset.ScriptableTable(ITable, List) does not presize the allocation of a collection |
PERFORMANCE |
PSC_PRESIZE_COLLECTIONS |
85 |
Medium |
| This use of javax/script/ScriptEngine.eval(Ljava/lang/String;)Ljava/lang/Object; can be vulnerable to code injection |
SECURITY |
SCRIPT_ENGINE_INJECTION |
131 |
Medium |
de.gmorling.scriptabledataset.handlers.JRubyScriptInvocationHandler
| Bug |
Category |
Details |
Line |
Priority |
| de.gmorling.scriptabledataset.handlers.JRubyScriptInvocationHandler.setScriptEngine(ScriptEngine) may expose internal representation by storing an externally mutable object into JRubyScriptInvocationHandler.engine |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
62 |
Medium |
| Constrained method de.gmorling.scriptabledataset.handlers.JRubyScriptInvocationHandler.postInvoke(Object) converts checked exception to unchecked |
STYLE |
EXS_EXCEPTION_SOFTENING_NO_CHECKED |
52 |
Medium |
| Method de.gmorling.scriptabledataset.handlers.JRubyScriptInvocationHandler.postInvoke(Object) makes literal string comparisons passing the literal as an argument |
STYLE |
LSC_LITERAL_STRING_COMPARISON |
48 |
High |
de.gmorling.scriptabledataset.handlers.StandardHandlerConfig
| Bug |
Category |
Details |
Line |
Priority |
| Method de.gmorling.scriptabledataset.handlers.StandardHandlerConfig.getStandardHandlersByLanguage(String) checks a map with containsKey(), before using get() |
CORRECTNESS |
MUI_CONTAINSKEY_BEFORE_GET |
81 |
Medium |
