Project: ActiveMQ :: Memory Usage Test Plugin
SpotBugs version: 4.8.3
Code analyzed:
547 lines of code analyzed, in 7 classes, in 2 packages.
Metric | Total | Density* |
---|---|---|
High Priority Warnings | 3 | 5.48 |
Medium Priority Warnings | 21 | 38.39 |
Total Warnings | 24 | 43.88 |
(* Defects per Thousand lines of non-commenting source statements)
Warning Type | Number |
---|---|
Bad practice Warnings | 4 |
Internationalization Warnings | 1 |
Malicious code vulnerability Warnings | 7 |
Performance Warnings | 10 |
Dodgy code Warnings | 2 |
Total | 24 |
Code | Warning |
---|---|
CT | Exception thrown in class org.apache.activemq.tool.MemConsumer at new org.apache.activemq.tool.MemConsumer(ConnectionFactory, Destination) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
CT | Exception thrown in class org.apache.activemq.tool.MemConsumer at new org.apache.activemq.tool.MemConsumer(ConnectionFactory, Destination, String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
CT | Exception thrown in class org.apache.activemq.tool.MemProducer at new org.apache.activemq.tool.MemProducer(ConnectionFactory, Destination) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
RV | Exceptional return value of java.io.File.mkdirs() ignored in org.apache.activemq.tool.ReportGenerator.startGenerateReport() |
Code | Warning |
---|---|
Dm | Found reliance on default encoding in org.apache.activemq.tool.ReportGenerator.startGenerateReport(): new java.io.PrintWriter(OutputStream) |
Code | Warning |
---|---|
EI | org.apache.activemq.tool.MemoryMonitoringTool.getDataOutputStream() may expose internal representation by returning MemoryMonitoringTool.dataDoutputStream |
EI | org.apache.activemq.tool.MemoryMonitoringTool.getTestSettings() may expose internal representation by returning MemoryMonitoringTool.testSettings |
EI | org.apache.activemq.tool.ReportGenerator.getTestSettings() may expose internal representation by returning ReportGenerator.testSettings |
EI | org.apache.activemq.tool.ReportGenerator.getWriter() may expose internal representation by returning ReportGenerator.writer |
EI2 | org.apache.activemq.tool.MemoryMonitoringTool.setDataOutputStream(DataOutputStream) may expose internal representation by storing an externally mutable object into MemoryMonitoringTool.dataDoutputStream |
EI2 | org.apache.activemq.tool.MemoryMonitoringTool.setTestSettings(Properties) may expose internal representation by storing an externally mutable object into MemoryMonitoringTool.testSettings |
EI2 | org.apache.activemq.tool.ReportGenerator.setTestSettings(Properties) may expose internal representation by storing an externally mutable object into ReportGenerator.testSettings |
Code | Warning |
---|---|
Bx | Boxing/unboxing to parse a primitive new org.apache.activemq.tool.JMSMemtest(Properties) |
Bx | Primitive boxed just to call toString in org.apache.activemq.tool.JMSMemtest.getSysTestSettings() |
Bx | Primitive boxed just to call toString in org.apache.activemq.tool.JMSMemtest.getSysTestSettings() |
Bx | new org.apache.activemq.tool.JMSMemtest(Properties) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
Bx | org.apache.activemq.tool.JMSMemtest.getSysTestSettings() invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) instead |
Bx | org.apache.activemq.tool.JMSMemtest.getSysTestSettings() invokes inefficient new Long(long) constructor; use Long.valueOf(long) instead |
Bx | Boxing/unboxing to parse a primitive org.apache.activemq.tool.MemoryMonitoringTool.startMonitor() |
Bx | org.apache.activemq.tool.MemoryMonitoringTool.startMonitor() invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
Dm | new org.apache.activemq.tool.JMSMemtest(Properties) invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead |
UuF | Unused field: org.apache.activemq.tool.MemConsumer.ctr |
Code | Warning |
---|---|
Eq | org.apache.activemq.tool.MemConsumer doesn't override MemMessageIdList.equals(Object) |
ICAST | Result of integer multiplication cast to long in org.apache.activemq.tool.JMSMemtest.resetConnection(int) |
A boxed primitive is created from a String, just to extract the unboxed primitive value. It is more efficient to just call the static parseXXX method.
A boxed primitive is allocated just to call toString(). It is more effective to just use the static form of toString which takes the primitive value. So,
Replace... | With this... |
---|---|
new Integer(1).toString() | Integer.toString(1) |
new Long(1).toString() | Long.toString(1) |
new Float(1.0).toString() | Float.toString(1.0) |
new Double(1.0).toString() | Double.toString(1.0) |
new Byte(1).toString() | Byte.toString(1) |
new Short(1).toString() | Short.toString(1) |
new Boolean(true).toString() | Boolean.toString(true) |
Using new Integer(int) is guaranteed to always result in a new object, whereas Integer.valueOf(int) allows caching of values to be done by the compiler, class library, or JVM. Using cached values avoids object allocation and the code will be faster.
Values between -128 and 127 are guaranteed to have corresponding cached instances, and using valueOf is approximately 3.5 times faster than using the constructor. For values outside the constant range the performance of both styles is the same.
Unless the class must be compatible with JVMs predating Java 5, use either autoboxing or the valueOf() method when creating instances of Long, Integer, Short, Character, and Byte.
Classes that throw exceptions in their constructors are vulnerable to Finalizer attacks.
A finalizer attack can be prevented by declaring the class final, using an empty finalizer declared as final, or by a clever use of a private constructor.
See SEI CERT Rule OBJ-11 for more information.
Creating new instances of java.lang.Boolean wastes memory, since Boolean objects are immutable and there are only two useful values of this type. Use the Boolean.valueOf() method (or Java 5 autoboxing) to create Boolean objects instead.
Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable. This will cause the application behavior to vary between platforms. Use an alternative API and specify a charset name or Charset object explicitly.
Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is a better approach in many situations.
This code stores a reference to an externally mutable object into the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is a better approach in many situations.
This class extends a class that defines an equals method and adds fields, but doesn't define an equals method itself. Thus, equality on instances of this class will ignore the identity of the subclass and the added fields. Be sure this is what is intended, and that you don't need to override the equals method. Even if you don't need to override the equals method, consider overriding it anyway to document the fact that the equals method for the subclass just returns the result of invoking super.equals(o).
This code performs integer multiply and then converts the result to a long, as in:
long convertDaysToMilliseconds(int days) { return 1000*3600*24*days; }
If the multiplication is done using long arithmetic, you can avoid the possibility that the result will overflow. For example, you could fix the above code to:
long convertDaysToMilliseconds(int days) { return 1000L*3600*24*days; }
or
static final long MILLISECONDS_PER_DAY = 24L*3600*1000;
long convertDaysToMilliseconds(int days) { return days * MILLISECONDS_PER_DAY; }
This method returns a value that is not checked. The return value should be checked since it can indicate an unusual or unexpected function execution. For example, the File.delete() method returns false if the file could not be successfully deleted (rather than throwing an Exception). If you don't check the result, you won't notice if the method invocation signals unexpected behavior by returning an atypical return value.
This field is never used. Consider removing it from the class.