Built by Maven

SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.9.4

Threshold is medium

Effort is max

Summary

Classes Bugs Errors Missing Classes
9 11 0 0

Files

Class Bugs
org.forgerock.security.keystore.KeyStoreBuilder 3
org.forgerock.security.keystore.KeyStoreConfiguration 2
org.forgerock.security.keystore.KeyStoreConfigurationManagerImpl 2
org.forgerock.security.keystore.KeyStoreManager 2
org.forgerock.security.keystore.MapKeyStoreParameters 2

org.forgerock.security.keystore.KeyStoreBuilder

Bug Category Details Line Priority
org.forgerock.security.keystore.KeyStoreBuilder.withPassword(char[]) may expose internal representation by storing an externally mutable object into KeyStoreBuilder.password MALICIOUS_CODE EI_EXPOSE_REP2 132 Medium
org.forgerock.security.keystore.KeyStoreBuilder.withKeyStoreFile(File) may fail to clean up java.io.InputStream EXPERIMENTAL OBL_UNSATISFIED_OBLIGATION 77 Medium
org.forgerock.security.keystore.KeyStoreBuilder.withKeyStoreFile(String) may fail to clean up java.io.InputStream EXPERIMENTAL OBL_UNSATISFIED_OBLIGATION 92 Medium

org.forgerock.security.keystore.KeyStoreConfiguration

Bug Category Details Line Priority
org.forgerock.security.keystore.KeyStoreConfiguration.getParameters() may expose internal representation by returning KeyStoreConfiguration.parameters MALICIOUS_CODE EI_EXPOSE_REP 166 Medium
new org.forgerock.security.keystore.KeyStoreConfiguration(String, String, String, String, String, String, String, Map) may expose internal representation by storing an externally mutable object into KeyStoreConfiguration.parameters MALICIOUS_CODE EI_EXPOSE_REP2 92 Medium

org.forgerock.security.keystore.KeyStoreConfigurationManagerImpl

Bug Category Details Line Priority
Exception thrown in class org.forgerock.security.keystore.KeyStoreConfigurationManagerImpl at new org.forgerock.security.keystore.KeyStoreConfigurationManagerImpl(InputStream) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 82 Medium
Exception thrown in class org.forgerock.security.keystore.KeyStoreConfigurationManagerImpl at new org.forgerock.security.keystore.KeyStoreConfigurationManagerImpl(String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 72 Medium

org.forgerock.security.keystore.KeyStoreManager

Bug Category Details Line Priority
org.forgerock.security.keystore.KeyStoreManager.getKeyStore() may expose internal representation by returning KeyStoreManager.keyStore MALICIOUS_CODE EI_EXPOSE_REP 118 Medium
new org.forgerock.security.keystore.KeyStoreManager(KeyStore) may expose internal representation by storing an externally mutable object into KeyStoreManager.keyStore MALICIOUS_CODE EI_EXPOSE_REP2 41 Medium

org.forgerock.security.keystore.MapKeyStoreParameters

Bug Category Details Line Priority
org.forgerock.security.keystore.MapKeyStoreParameters.getProperties() may expose internal representation by returning MapKeyStoreParameters.properties MALICIOUS_CODE EI_EXPOSE_REP 45 Medium
new org.forgerock.security.keystore.MapKeyStoreParameters(Map) may expose internal representation by storing an externally mutable object into MapKeyStoreParameters.properties MALICIOUS_CODE EI_EXPOSE_REP2 36 Medium