Project: ActiveMQ :: StartUp/Stop Plugin
SpotBugs version: 4.8.3
Code analyzed:
237 lines of code analyzed, in 8 classes, in 1 packages.
Metric | Total | Density* |
---|---|---|
High Priority Warnings | 0.00 | |
Medium Priority Warnings | 14 | 59.07 |
Total Warnings | 14 | 59.07 |
(* Defects per Thousand lines of non-commenting source statements)
Warning Type | Number |
---|---|
Malicious code vulnerability Warnings | 12 |
Multithreaded correctness Warnings | 2 |
Total | 14 |
Click on a warning row to see full context information.
Code | Warning |
---|---|
EI | org.apache.activemq.maven.StartBrokerMojo.getBrokerManager() may expose internal representation by returning StartBrokerMojo.brokerManager |
EI | org.apache.activemq.maven.StartBrokerMojo.getProject() may expose internal representation by returning StartBrokerMojo.project |
EI | org.apache.activemq.maven.StartBrokerMojo.getSystemProperties() may expose internal representation by returning StartBrokerMojo.systemProperties |
EI | org.apache.activemq.maven.StartBrokerMojo.getxBeanFileResolver() may expose internal representation by returning StartBrokerMojo.xBeanFileResolver |
EI | org.apache.activemq.maven.StopBrokerMojo.getBrokerManager() may expose internal representation by returning StopBrokerMojo.brokerManager |
EI2 | org.apache.activemq.maven.StartBrokerMojo.setBrokerManager(MavenBrokerManager) may expose internal representation by storing an externally mutable object into StartBrokerMojo.brokerManager |
EI2 | org.apache.activemq.maven.StartBrokerMojo.setProject(MavenProject) may expose internal representation by storing an externally mutable object into StartBrokerMojo.project |
EI2 | org.apache.activemq.maven.StartBrokerMojo.setSystemProperties(Properties) may expose internal representation by storing an externally mutable object into StartBrokerMojo.systemProperties |
EI2 | org.apache.activemq.maven.StartBrokerMojo.setxBeanFileResolver(XBeanFileResolver) may expose internal representation by storing an externally mutable object into StartBrokerMojo.xBeanFileResolver |
EI2 | org.apache.activemq.maven.StopBrokerMojo.setBrokerManager(MavenBrokerManager) may expose internal representation by storing an externally mutable object into StopBrokerMojo.brokerManager |
MS | org.apache.activemq.maven.Broker.setBroker(BrokerService) may expose internal static state by storing a mutable object into a static field org.apache.activemq.maven.Broker.broker |
MS | Public static org.apache.activemq.maven.Broker.getBroker() may expose internal representation by returning Broker.broker |
Code | Warning |
---|---|
LI | Incorrect lazy initialization of static field org.apache.activemq.maven.Broker.broker in org.apache.activemq.maven.Broker.stop() |
LI | Incorrect lazy initialization and update of static field org.apache.activemq.maven.Broker.broker in org.apache.activemq.maven.Broker.start(boolean, String) |
Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.
This code stores a reference to an externally mutable object into the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.
This method contains an unsynchronized lazy initialization of a static field. After the field is set, the object stored into that location is further updated or accessed. The setting of the field is visible to other threads as soon as it is set. If the further accesses in the method that set the field serve to initialize the object, then you have a very serious multithreading bug, unless something else prevents any other thread from accessing the stored object until it is fully initialized.
Even if you feel confident that the method is never called by multiple threads, it might be better to not set the static field until the value you are setting it to is fully populated/initialized.
This method contains an unsynchronized lazy initialization of a non-volatile static field. Because the compiler or processor may reorder instructions, threads are not guaranteed to see a completely initialized object, if the method can be called by multiple threads. You can make the field volatile to correct the problem. For more information, see the Java Memory Model web site.
This code stores a reference to an externally mutable object into a static field. If unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.
A public static method returns a reference to a mutable object or an array that is part of the static state of the class. Any code that calls this method can freely modify the underlying array. One fix is to return a copy of the array.