SpotBugs Report

Project Information

Project: DupDetector (spotbugsMain)

SpotBugs version: 4.4.2

Code analyzed:



Metrics

1249 lines of code analyzed, in 15 classes, in 2 packages.

Metric Total Density*
High Priority Warnings 4 3.20
Medium Priority Warnings 39 31.22
Total Warnings 43 34.43

(* Defects per Thousand lines of non-commenting source statements)



Summary

Warning Type Number
Bad practice Warnings 2
Correctness Warnings 2
Internationalization Warnings 3
Malicious code vulnerability Warnings 20
Performance Warnings 7
Dodgy code Warnings 9
Total 43

Warnings

Bad practice Warnings

Code Warning
Dm new edu.odu.cs.cs350.Input(String[]) invokes System.exit(...), which shuts down the entire virtual machine
Eq edu.odu.cs.cs350.Refactoring defines compareTo(Refactoring) and uses Object.equals()

Correctness Warnings

Code Warning
RCN Nullcheck of Recommender.refactorings at line 106 of value previously dereferenced in edu.odu.cs.cs350.Recommender.getRefactorings()
RCN Nullcheck of input at line 117 of value previously dereferenced in edu.odu.cs.cs350.Recommender.setRefactorings(List)

Internationalization Warnings

Code Warning
Dm Found reliance on default encoding in edu.odu.cs.cs350.Input.setFileExtensions(File): new java.io.FileReader(File)
Dm Found reliance on default encoding in edu.odu.cs.cs350.Input.setMinSequenceMaxSubs(File): new java.io.FileReader(File)
Dm Found reliance on default encoding in new edu.odu.cs.cs350.TokenAnalyzer(File): new java.util.Scanner(File)

Malicious code vulnerability Warnings

Code Warning
EI edu.odu.cs.cs350.Input.getFiles() may expose internal representation by returning Input.files
EI edu.odu.cs.cs350.Input.getTokenCountForFiles() may expose internal representation by returning Input.tokenCountForFiles
EI edu.odu.cs.cs350.Input.getTokens() may expose internal representation by returning Input.tokens
EI edu.odu.cs.cs350.Input.getfileExtensions() may expose internal representation by returning Input.fileExtensions
EI edu.odu.cs.cs350.Output.getFiles() may expose internal representation by returning Output.files
EI edu.odu.cs.cs350.Output.getRefactorings() may expose internal representation by returning Output.refactorings
EI edu.odu.cs.cs350.Recommender.getRefactorings() may expose internal representation by returning Recommender.refactorings
EI edu.odu.cs.cs350.Recommender.getTokens() may expose internal representation by returning Recommender.tokens
EI edu.odu.cs.cs350.RecursiveSearch.findFiles(String) may expose internal representation by returning RecursiveSearch.listofFiles
EI edu.odu.cs.cs350.RecursiveSearch.findFiles(String, List) may expose internal representation by returning RecursiveSearch.listofFiles
EI edu.odu.cs.cs350.RecursiveSearch.searchDirectory(String) may expose internal representation by returning RecursiveSearch.listofFiles
EI edu.odu.cs.cs350.TokenAnalyzer.getTokens() may expose internal representation by returning TokenAnalyzer.tokensContainer
EI2 new edu.odu.cs.cs350.Output(InputInterface, RecommenderInterface) may expose internal representation by storing an externally mutable object into Output.input
EI2 new edu.odu.cs.cs350.Output(InputInterface, RecommenderInterface) may expose internal representation by storing an externally mutable object into Output.recommender
MS edu.odu.cs.cs350.DupDetector.setInput(Input) may expose internal static state by storing a mutable object into a static field edu.odu.cs.cs350.DupDetector.input
MS edu.odu.cs.cs350.DupDetector.setOutput(Output) may expose internal static state by storing a mutable object into a static field edu.odu.cs.cs350.DupDetector.output
MS edu.odu.cs.cs350.DupDetector.setRecommender(Recommender) may expose internal static state by storing a mutable object into a static field edu.odu.cs.cs350.DupDetector.recommender
MS Public static edu.odu.cs.cs350.DupDetector.getInput() may expose internal representation by returning DupDetector.input
MS Public static edu.odu.cs.cs350.DupDetector.getOutput() may expose internal representation by returning DupDetector.output
MS Public static edu.odu.cs.cs350.DupDetector.getRecommender() may expose internal representation by returning DupDetector.recommender

Performance Warnings

Code Warning
Bx Boxing/unboxing to parse a primitive edu.odu.cs.cs350.Input.setMinSequenceMaxSubs(File)
Dm edu.odu.cs.cs350.Output.getCompleteOutput() invokes inefficient new String() constructor
Dm edu.odu.cs.cs350.Output.getSectionOne() invokes inefficient new String() constructor
Dm edu.odu.cs.cs350.Output.getSectionTwo() invokes inefficient new String() constructor
UrF Unread field: edu.odu.cs.cs350.LexerAnalyzer.yychar
UrF Unread field: edu.odu.cs.cs350.LexerAnalyzer.zzAtBOL
UrF Unread field: edu.odu.cs.cs350.LexerAnalyzer.zzEOFDone

Dodgy code Warnings

Code Warning
DLS Dead store to offset in edu.odu.cs.cs350.LexerAnalyzer.zzUnpackAction()
DLS Dead store to offset in edu.odu.cs.cs350.LexerAnalyzer.zzUnpackAttribute()
DLS Dead store to offset in edu.odu.cs.cs350.LexerAnalyzer.zzUnpackRowMap()
DLS Dead store to offset in edu.odu.cs.cs350.LexerAnalyzer.zzUnpackTrans()
DLS Dead store to offset in edu.odu.cs.cs350.LexerAnalyzer.zzUnpackcmap_blocks()
DLS Dead store to offset in edu.odu.cs.cs350.LexerAnalyzer.zzUnpackcmap_top()
NP Possible null pointer dereference in edu.odu.cs.cs350.RecursiveSearch.findFiles(String) due to return value of called method
NP Possible null pointer dereference in edu.odu.cs.cs350.RecursiveSearch.findFiles(String, List) due to return value of called method
NP Possible null pointer dereference in edu.odu.cs.cs350.RecursiveSearch.searchDirectory(String) due to return value of called method

Details

DM_BOXED_PRIMITIVE_FOR_PARSING: Boxing/unboxing to parse a primitive

A boxed primitive is created from a String, just to extract the unboxed primitive value. It is more efficient to just call the static parseXXX method.

DLS_DEAD_LOCAL_STORE: Dead store to local variable

This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used.

Note that Sun's javac compiler often generates dead stores for final local variables. Because SpotBugs is a bytecode-based tool, there is no easy way to eliminate these false positives.

DM_EXIT: Method invokes System.exit(...)

Invoking System.exit shuts down the entire Java virtual machine. This should only be done when it is appropriate. Such calls make it hard or impossible for your code to be invoked by other code. Consider throwing a RuntimeException instead.

DM_STRING_VOID_CTOR: Method invokes inefficient new String() constructor

Creating a new java.lang.String object using the no-argument constructor wastes memory because the object so created will be functionally indistinguishable from the empty string constant "". Java guarantees that identical string constants will be represented by the same String object. Therefore, you should just use the empty string constant directly.

DM_DEFAULT_ENCODING: Reliance on default encoding

Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable. This will cause the application behaviour to vary between platforms. Use an alternative API and specify a charset name or Charset object explicitly.

EI_EXPOSE_REP: May expose internal representation by returning reference to mutable object

Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is a better approach in many situations.

EI_EXPOSE_REP2: May expose internal representation by incorporating reference to mutable object

This code stores a reference to an externally mutable object into the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is a better approach in many situations.

EQ_COMPARETO_USE_OBJECT_EQUALS: Class defines compareTo(...) and uses Object.equals()

This class defines a compareTo(...) method but inherits its equals() method from java.lang.Object. Generally, the value of compareTo should return zero if and only if equals returns true. If this is violated, weird and unpredictable failures will occur in classes such as PriorityQueue. In Java 5 the PriorityQueue.remove method uses the compareTo method, while in Java 6 it uses the equals method.

From the JavaDoc for the compareTo method in the Comparable interface:

It is strongly recommended, but not strictly required that (x.compareTo(y)==0) == (x.equals(y)). Generally speaking, any class that implements the Comparable interface and violates this condition should clearly indicate this fact. The recommended language is "Note: this class has a natural ordering that is inconsistent with equals."

EI_EXPOSE_STATIC_REP2: May expose internal static state by storing a mutable object into a static field

This code stores a reference to an externally mutable object into a static field. If unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is a better approach in many situations.

MS_EXPOSE_REP: Public static method may expose internal representation by returning array

A public static method returns a reference to an array that is part of the static state of the class. Any code that calls this method can freely modify the underlying array. One fix is to return a copy of the array.

NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE: Possible null pointer dereference due to return value of called method

The return value from a method is dereferenced without a null check, and the return value of that method is one that should generally be checked for null. This may lead to a NullPointerException when the code is executed.

RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE: Nullcheck of value previously dereferenced

A value is checked here to see whether it is null, but this value can't be null because it was previously dereferenced and if it were null a null pointer exception would have occurred at the earlier dereference. Essentially, this code and the previous dereference disagree as to whether this value is allowed to be null. Either the check is redundant or the previous dereference is erroneous.

URF_UNREAD_FIELD: Unread field

This field is never read. Consider removing it from the class.