SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.9.4
Threshold is medium
Effort is max
Summary
| Classes |
Bugs |
Errors |
Missing Classes |
| 15 |
5 |
0 |
0 |
org.forgerock.json.crypto.JsonCrypto
| Bug |
Category |
Details |
Line |
Priority |
| Exception thrown in class org.forgerock.json.crypto.JsonCrypto at new org.forgerock.json.crypto.JsonCrypto(JsonValue) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
BAD_PRACTICE |
CT_CONSTRUCTOR_THROW |
71 |
Medium |
| org.forgerock.json.crypto.JsonCrypto.getValue() may expose internal representation by returning JsonCrypto.value |
MALICIOUS_CODE |
EI_EXPOSE_REP |
124 |
Medium |
| org.forgerock.json.crypto.JsonCrypto.setValue(JsonValue) may expose internal representation by storing an externally mutable object into JsonCrypto.value |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
133 |
Medium |
org.forgerock.json.crypto.simple.HKDFKeyGenerator$HKDFMasterKey
| Bug |
Category |
Details |
Line |
Priority |
| org.forgerock.json.crypto.simple.HKDFKeyGenerator$HKDFMasterKey doesn't override javax.crypto.spec.SecretKeySpec.equals(Object) |
STYLE |
EQ_DOESNT_OVERRIDE_EQUALS |
1 |
Medium |
org.forgerock.json.crypto.simple.SimpleKeyStoreSelector
| Bug |
Category |
Details |
Line |
Priority |
| new org.forgerock.json.crypto.simple.SimpleKeyStoreSelector(KeyStore, String) may expose internal representation by storing an externally mutable object into SimpleKeyStoreSelector.keyStore |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
45 |
Medium |
