Built by Maven

SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.9.4

Threshold is medium

Effort is max

Summary

Classes Bugs Errors Missing Classes
119 43 0 0

Files

Class Bugs
org.forgerock.audit.AuditServiceBuilder 1
org.forgerock.audit.AuditServiceConfiguration 3
org.forgerock.audit.AuditServiceImpl$NullQueryHandler 1
org.forgerock.audit.events.AuditEvent 1
org.forgerock.audit.events.AuditEventHelper 1
org.forgerock.audit.events.EventTopicsMetaData 1
org.forgerock.audit.events.handlers.AuditEventTopicState 2
org.forgerock.audit.events.handlers.EventHandlerConfiguration 2
org.forgerock.audit.events.handlers.FileBasedEventHandlerConfiguration 4
org.forgerock.audit.events.handlers.FileBasedEventHandlerConfiguration$FileRotation 1
org.forgerock.audit.events.handlers.writers.AsynchronousTextWriter 2
org.forgerock.audit.events.handlers.writers.MeteredStream 1
org.forgerock.audit.events.handlers.writers.RotatableWriter 5
org.forgerock.audit.events.handlers.writers.TextWriter$Stream 1
org.forgerock.audit.events.handlers.writers.TextWriterAdapter 1
org.forgerock.audit.providers.DefaultKeyStoreHandlerProvider 1
org.forgerock.audit.providers.DefaultSecureStorageProvider 1
org.forgerock.audit.rotation.FixedTimeRotationPolicy 2
org.forgerock.audit.rotation.RotationContext 2
org.forgerock.audit.secure.JcaKeyStoreHandler 3
org.forgerock.audit.secure.KeyStoreHandlerDecorator 1
org.forgerock.audit.secure.KeyStoreSecureStorage 3
org.forgerock.audit.util.DateUtil 1
org.forgerock.audit.util.JsonValueUtils 1
org.forgerock.audit.util.LastModifiedTimeFileComparator 1

org.forgerock.audit.AuditServiceBuilder

Bug Category Details Line Priority
org.forgerock.audit.AuditServiceBuilder.withConfiguration(AuditServiceConfiguration) may expose internal representation by storing an externally mutable object into AuditServiceBuilder.auditServiceConfiguration MALICIOUS_CODE EI_EXPOSE_REP2 77 Medium

org.forgerock.audit.AuditServiceConfiguration

Bug Category Details Line Priority
org.forgerock.audit.AuditServiceConfiguration.getAvailableAuditEventHandlers() may expose internal representation by returning AuditServiceConfiguration.availableAuditEventHandlers MALICIOUS_CODE EI_EXPOSE_REP 113 Medium
org.forgerock.audit.AuditServiceConfiguration.getFilterPolicies() may expose internal representation by returning AuditServiceConfiguration.filterPolicies MALICIOUS_CODE EI_EXPOSE_REP 131 Medium
org.forgerock.audit.AuditServiceConfiguration.setAvailableAuditEventHandlers(List) may expose internal representation by storing an externally mutable object into AuditServiceConfiguration.availableAuditEventHandlers MALICIOUS_CODE EI_EXPOSE_REP2 123 Medium

org.forgerock.audit.AuditServiceImpl$NullQueryHandler

Bug Category Details Line Priority
Should org.forgerock.audit.AuditServiceImpl$NullQueryHandler be a _static_ inner class? PERFORMANCE SIC_INNER_SHOULD_BE_STATIC 485-540 Medium

org.forgerock.audit.events.AuditEvent

Bug Category Details Line Priority
org.forgerock.audit.events.AuditEvent.getValue() may expose internal representation by returning AuditEvent.value MALICIOUS_CODE EI_EXPOSE_REP 44 Medium

org.forgerock.audit.events.AuditEventHelper

Bug Category Details Line Priority
Redundant nullcheck of newPath, which is known to be non-null in org.forgerock.audit.events.AuditEventHelper.jsonPointerToDotNotation(String) STYLE RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE 130 Medium

org.forgerock.audit.events.EventTopicsMetaData

Bug Category Details Line Priority
new org.forgerock.audit.events.EventTopicsMetaData(Map) may expose internal representation by storing an externally mutable object into EventTopicsMetaData.eventTopicsMetaData MALICIOUS_CODE EI_EXPOSE_REP2 41 Medium

org.forgerock.audit.events.handlers.AuditEventTopicState

Bug Category Details Line Priority
org.forgerock.audit.events.handlers.AuditEventTopicState.getEvent() may expose internal representation by returning AuditEventTopicState.event MALICIOUS_CODE EI_EXPOSE_REP 64 Medium
new org.forgerock.audit.events.handlers.AuditEventTopicState(Context, String, JsonValue) may expose internal representation by storing an externally mutable object into AuditEventTopicState.event MALICIOUS_CODE EI_EXPOSE_REP2 46 Medium

org.forgerock.audit.events.handlers.EventHandlerConfiguration

Bug Category Details Line Priority
org.forgerock.audit.events.handlers.EventHandlerConfiguration.getTopics() may expose internal representation by returning EventHandlerConfiguration.topics MALICIOUS_CODE EI_EXPOSE_REP 86 Medium
org.forgerock.audit.events.handlers.EventHandlerConfiguration.setTopics(Set) may expose internal representation by storing an externally mutable object into EventHandlerConfiguration.topics MALICIOUS_CODE EI_EXPOSE_REP2 96 Medium

org.forgerock.audit.events.handlers.FileBasedEventHandlerConfiguration

Bug Category Details Line Priority
org.forgerock.audit.events.handlers.FileBasedEventHandlerConfiguration.getFileRetention() may expose internal representation by returning FileBasedEventHandlerConfiguration.fileRetention MALICIOUS_CODE EI_EXPOSE_REP 80 Medium
org.forgerock.audit.events.handlers.FileBasedEventHandlerConfiguration.getFileRotation() may expose internal representation by returning FileBasedEventHandlerConfiguration.fileRotation MALICIOUS_CODE EI_EXPOSE_REP 62 Medium
org.forgerock.audit.events.handlers.FileBasedEventHandlerConfiguration.setFileRetention(FileBasedEventHandlerConfiguration$FileRetention) may expose internal representation by storing an externally mutable object into FileBasedEventHandlerConfiguration.fileRetention MALICIOUS_CODE EI_EXPOSE_REP2 90 Medium
org.forgerock.audit.events.handlers.FileBasedEventHandlerConfiguration.setFileRotation(FileBasedEventHandlerConfiguration$FileRotation) may expose internal representation by storing an externally mutable object into FileBasedEventHandlerConfiguration.fileRotation MALICIOUS_CODE EI_EXPOSE_REP2 72 Medium

org.forgerock.audit.events.handlers.FileBasedEventHandlerConfiguration$FileRotation

Bug Category Details Line Priority
org.forgerock.audit.events.handlers.FileBasedEventHandlerConfiguration$FileRotation.getRotationTimes() may expose internal representation by returning FileBasedEventHandlerConfiguration$FileRotation.rotationTimes MALICIOUS_CODE EI_EXPOSE_REP 278 Medium

org.forgerock.audit.events.handlers.writers.AsynchronousTextWriter

Bug Category Details Line Priority
org.forgerock.audit.events.handlers.writers.AsynchronousTextWriter.getWrappedWriter() may expose internal representation by returning AsynchronousTextWriter.writer MALICIOUS_CODE EI_EXPOSE_REP 191 Medium
new org.forgerock.audit.events.handlers.writers.AsynchronousTextWriter(String, boolean, TextWriter) may expose internal representation by storing an externally mutable object into AsynchronousTextWriter.writer MALICIOUS_CODE EI_EXPOSE_REP2 74 Medium

org.forgerock.audit.events.handlers.writers.MeteredStream

Bug Category Details Line Priority
new org.forgerock.audit.events.handlers.writers.MeteredStream(OutputStream, long) may expose internal representation by storing an externally mutable object into MeteredStream.out MALICIOUS_CODE EI_EXPOSE_REP2 40 Medium

org.forgerock.audit.events.handlers.writers.RotatableWriter

Bug Category Details Line Priority
Exception thrown in class org.forgerock.audit.events.handlers.writers.RotatableWriter at new org.forgerock.audit.events.handlers.writers.RotatableWriter(File, FileBasedEventHandlerConfiguration, boolean, RotatableWriter$RolloverLifecycleHook) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 100 Medium
Exception thrown in class org.forgerock.audit.events.handlers.writers.RotatableWriter at new org.forgerock.audit.events.handlers.writers.RotatableWriter(File, FileBasedEventHandlerConfiguration, boolean, FileNamingPolicy) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 111 Medium
Exception thrown in class org.forgerock.audit.events.handlers.writers.RotatableWriter at new org.forgerock.audit.events.handlers.writers.RotatableWriter(File, FileBasedEventHandlerConfiguration, boolean, FileNamingPolicy, RotatableWriter$RolloverLifecycleHook) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 126 Medium
org.forgerock.audit.events.handlers.writers.RotatableWriter.getLastRotationTime() may expose internal representation by returning RotatableWriter.lastRotationTime MALICIOUS_CODE EI_EXPOSE_REP 246 Medium
org.forgerock.audit.events.handlers.writers.RotatableWriter.forceRotation() does not release lock on all exception paths MT_CORRECTNESS UL_UNRELEASED_LOCK_EXCEPTION_PATH 311 Medium

org.forgerock.audit.events.handlers.writers.TextWriter$Stream

Bug Category Details Line Priority
Found reliance on default encoding in new org.forgerock.audit.events.handlers.writers.TextWriter$Stream(OutputStream): new java.io.PrintWriter(OutputStream, boolean) I18N DM_DEFAULT_ENCODING 71 High

org.forgerock.audit.events.handlers.writers.TextWriterAdapter

Bug Category Details Line Priority
new org.forgerock.audit.events.handlers.writers.TextWriterAdapter(TextWriter) may expose internal representation by storing an externally mutable object into TextWriterAdapter.delegate MALICIOUS_CODE EI_EXPOSE_REP2 35 Medium

org.forgerock.audit.providers.DefaultKeyStoreHandlerProvider

Bug Category Details Line Priority
new org.forgerock.audit.providers.DefaultKeyStoreHandlerProvider(Map) may expose internal representation by storing an externally mutable object into DefaultKeyStoreHandlerProvider.keyStoreHandlers MALICIOUS_CODE EI_EXPOSE_REP2 46 Medium

org.forgerock.audit.providers.DefaultSecureStorageProvider

Bug Category Details Line Priority
new org.forgerock.audit.providers.DefaultSecureStorageProvider(Map) may expose internal representation by storing an externally mutable object into DefaultSecureStorageProvider.secureStorages MALICIOUS_CODE EI_EXPOSE_REP2 46 Medium

org.forgerock.audit.rotation.FixedTimeRotationPolicy

Bug Category Details Line Priority
org.forgerock.audit.rotation.FixedTimeRotationPolicy.getDailyRotationTimes() may expose internal representation by returning FixedTimeRotationPolicy.dailyRotationTimes MALICIOUS_CODE EI_EXPOSE_REP 65 Medium
new org.forgerock.audit.rotation.FixedTimeRotationPolicy(List) may expose internal representation by storing an externally mutable object into FixedTimeRotationPolicy.dailyRotationTimes MALICIOUS_CODE EI_EXPOSE_REP2 41 Medium

org.forgerock.audit.rotation.RotationContext

Bug Category Details Line Priority
org.forgerock.audit.rotation.RotationContext.getWriter() may expose internal representation by returning RotationContext.writer MALICIOUS_CODE EI_EXPOSE_REP 68 Medium
org.forgerock.audit.rotation.RotationContext.setWriter(Writer) may expose internal representation by storing an externally mutable object into RotationContext.writer MALICIOUS_CODE EI_EXPOSE_REP2 76 Medium

org.forgerock.audit.secure.JcaKeyStoreHandler

Bug Category Details Line Priority
Exception thrown in class org.forgerock.audit.secure.JcaKeyStoreHandler at new org.forgerock.audit.secure.JcaKeyStoreHandler(String, String, String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 59 Medium
org.forgerock.audit.secure.JcaKeyStoreHandler.getStore() may expose internal representation by returning JcaKeyStoreHandler.store MALICIOUS_CODE EI_EXPOSE_REP 80 Medium
org.forgerock.audit.secure.JcaKeyStoreHandler.setStore(KeyStore) may expose internal representation by storing an externally mutable object into JcaKeyStoreHandler.store MALICIOUS_CODE EI_EXPOSE_REP2 85 Medium

org.forgerock.audit.secure.KeyStoreHandlerDecorator

Bug Category Details Line Priority
new org.forgerock.audit.secure.KeyStoreHandlerDecorator(KeyStoreHandler) may expose internal representation by storing an externally mutable object into KeyStoreHandlerDecorator.delegate MALICIOUS_CODE EI_EXPOSE_REP2 40 Medium

org.forgerock.audit.secure.KeyStoreSecureStorage

Bug Category Details Line Priority
Exception thrown in class org.forgerock.audit.secure.KeyStoreSecureStorage at new org.forgerock.audit.secure.KeyStoreSecureStorage(KeyStoreHandler, PrivateKey) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 65 Medium
Exception thrown in class org.forgerock.audit.secure.KeyStoreSecureStorage at new org.forgerock.audit.secure.KeyStoreSecureStorage(KeyStoreHandler, PublicKey) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 77 Medium
Exception thrown in class org.forgerock.audit.secure.KeyStoreSecureStorage at new org.forgerock.audit.secure.KeyStoreSecureStorage(KeyStoreHandler, PublicKey, PrivateKey) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 98 Medium

org.forgerock.audit.util.DateUtil

Bug Category Details Line Priority
Possible null pointer dereference of result in org.forgerock.audit.util.DateUtil.getDateDifferenceInDays(Date, Date, Boolean) CORRECTNESS NP_NULL_ON_SOME_PATH 214 Medium

org.forgerock.audit.util.JsonValueUtils

Bug Category Details Line Priority
org.forgerock.audit.util.JsonValueUtils.findObjectsThatMatchPrefix(JsonPointer, Map) makes inefficient use of keySet iterator instead of entrySet iterator PERFORMANCE WMI_WRONG_MAP_ITERATOR 229 Medium

org.forgerock.audit.util.LastModifiedTimeFileComparator

Bug Category Details Line Priority
org.forgerock.audit.util.LastModifiedTimeFileComparator implements Comparator but not Serializable BAD_PRACTICE SE_COMPARATOR_SHOULD_BE_SERIALIZABLE 24-48 Medium