Project: ActiveMQ :: Console
SpotBugs version: 4.8.3
Code analyzed:
5953 lines of code analyzed, in 84 classes, in 9 packages.
Metric | Total | Density* |
---|---|---|
High Priority Warnings | 16 | 2.69 |
Medium Priority Warnings | 103 | 17.30 |
Total Warnings | 119 | 19.99 |
(* Defects per Thousand lines of non-commenting source statements)
Warning Type | Number |
---|---|
Bad practice Warnings | 11 |
Correctness Warnings | 2 |
Internationalization Warnings | 8 |
Malicious code vulnerability Warnings | 65 |
Performance Warnings | 19 |
Dodgy code Warnings | 14 |
Total | 119 |
Click on a warning row to see full context information.
Code | Warning |
---|---|
CT | Exception thrown in class org.apache.activemq.console.command.store.ExportStreamManager at new org.apache.activemq.console.command.store.ExportStreamManager(OutputStream, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. |
DE | org.apache.activemq.console.Main.getActiveMQHome() might ignore java.lang.Exception |
DE | org.apache.activemq.console.command.ShutdownCommand.stopBrokers(MBeanServerConnection, Collection) might ignore java.lang.Exception |
OS | org.apache.activemq.console.command.store.proto.MapEntryPB$Buffer.writeUnframed(CodedOutputStream) may fail to close stream |
OS | org.apache.activemq.console.command.store.proto.MessagePB$Buffer.writeUnframed(CodedOutputStream) may fail to close stream |
OS | org.apache.activemq.console.command.store.proto.QueueEntryPB$Buffer.writeUnframed(CodedOutputStream) may fail to close stream |
OS | org.apache.activemq.console.command.store.proto.QueuePB$Buffer.writeUnframed(CodedOutputStream) may fail to close stream |
RV | Exceptional return value of java.io.File.mkdirs() ignored in org.apache.activemq.console.Main.main(String[]) |
RV | Exceptional return value of java.io.File.mkdirs() ignored in org.apache.activemq.console.command.CreateCommand.createSubDirs(File, String[]) |
RV | Exceptional return value of java.io.File.mkdirs() ignored in org.apache.activemq.console.command.CreateCommand.runTask(List) |
Se | org.apache.activemq.console.command.DstatCommand$ObjectInstanceComparator implements Comparator but not Serializable |
Code | Warning |
---|---|
MF | Field BstatCommand.helpFile masks field in superclass org.apache.activemq.console.command.QueryCommand |
MF | Field DecryptCommand.helpFile masks field in superclass org.apache.activemq.console.command.EncryptCommand |
Code | Warning |
---|---|
Dm | Found reliance on default encoding in org.apache.activemq.console.command.AbstractCommand.printHelpFromFile(): new java.io.InputStreamReader(InputStream) |
Dm | Found reliance on default encoding in org.apache.activemq.console.command.CreateCommand.runTask(List): new java.io.InputStreamReader(InputStream) |
Dm | Found reliance on default encoding in org.apache.activemq.console.command.CreateCommand.writeFile(String, File): String.getBytes() |
Dm | Found reliance on default encoding in org.apache.activemq.console.command.store.tar.TarInputStream.getNextEntry(): new String(byte[], int, int) |
Dm | Found reliance on default encoding in org.apache.activemq.console.command.store.tar.TarOutputStream.putNextEntry(TarEntry): String.getBytes() |
Dm | Found reliance on default encoding in org.apache.activemq.console.filter.MapTransformFilter.transformToMap(CompositeDataSupport): new String(byte[]) |
Dm | Found reliance on default encoding in org.apache.activemq.console.filter.MapTransformFilter.transformToMap(ActiveMQBytesMessage): new String(byte[]) |
Dm | Found reliance on default encoding in new org.apache.activemq.console.formatter.CommandShellOutputFormatter(OutputStream): new java.io.PrintStream(OutputStream) |
Code | Warning |
---|---|
DP | org.apache.activemq.console.Main.getClassLoader() creates a java.net.URLClassLoader classloader, which should be performed within a doPrivileged block |
DP | org.apache.activemq.console.command.AbstractJmxCommand.findJMXUrlByProcessId(int) creates a java.net.URLClassLoader classloader, which should be performed within a doPrivileged block |
DP | org.apache.activemq.console.command.AbstractJmxCommand.useJmxServiceUrl() creates a java.net.URLClassLoader classloader, which should be performed within a doPrivileged block |
EI | org.apache.activemq.console.Main.getClassLoader() may expose internal representation by returning Main.classLoader |
EI | org.apache.activemq.console.command.store.proto.MapEntryPB$Bean.freeze() may expose internal representation by returning MapEntryPB$Bean.frozen |
EI | org.apache.activemq.console.command.store.proto.MapEntryPB$Bean.getKey() may expose internal representation by returning MapEntryPB$Bean.f_key |
EI | org.apache.activemq.console.command.store.proto.MapEntryPB$Bean.getValue() may expose internal representation by returning MapEntryPB$Bean.f_value |
EI | org.apache.activemq.console.command.store.proto.MapEntryPB$Buffer.toUnframedBuffer() may expose internal representation by returning MapEntryPB$Buffer.buffer |
EI | org.apache.activemq.console.command.store.proto.MessagePB$Bean.freeze() may expose internal representation by returning MessagePB$Bean.frozen |
EI | org.apache.activemq.console.command.store.proto.MessagePB$Bean.getCodec() may expose internal representation by returning MessagePB$Bean.f_codec |
EI | org.apache.activemq.console.command.store.proto.MessagePB$Bean.getDirectData() may expose internal representation by returning MessagePB$Bean.f_directData |
EI | org.apache.activemq.console.command.store.proto.MessagePB$Bean.getDirectFile() may expose internal representation by returning MessagePB$Bean.f_directFile |
EI | org.apache.activemq.console.command.store.proto.MessagePB$Bean.getValue() may expose internal representation by returning MessagePB$Bean.f_value |
EI | org.apache.activemq.console.command.store.proto.MessagePB$Buffer.toUnframedBuffer() may expose internal representation by returning MessagePB$Buffer.buffer |
EI | org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean.createSenderList() may expose internal representation by returning QueueEntryPB$Bean.f_sender |
EI | org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean.freeze() may expose internal representation by returning QueueEntryPB$Bean.frozen |
EI | org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean.getAttachment() may expose internal representation by returning QueueEntryPB$Bean.f_attachment |
EI | org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean.getMessageLocator() may expose internal representation by returning QueueEntryPB$Bean.f_messageLocator |
EI | org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean.getSenderList() may expose internal representation by returning QueueEntryPB$Bean.f_sender |
EI | org.apache.activemq.console.command.store.proto.QueueEntryPB$Buffer.toUnframedBuffer() may expose internal representation by returning QueueEntryPB$Buffer.buffer |
EI | org.apache.activemq.console.command.store.proto.QueuePB$Bean.freeze() may expose internal representation by returning QueuePB$Bean.frozen |
EI | org.apache.activemq.console.command.store.proto.QueuePB$Bean.getBindingData() may expose internal representation by returning QueuePB$Bean.f_bindingData |
EI | org.apache.activemq.console.command.store.proto.QueuePB$Bean.getBindingKind() may expose internal representation by returning QueuePB$Bean.f_bindingKind |
EI | org.apache.activemq.console.command.store.proto.QueuePB$Buffer.toUnframedBuffer() may expose internal representation by returning QueuePB$Buffer.buffer |
EI | org.apache.activemq.console.command.store.tar.TarInputStream.getNextEntry() may expose internal representation by returning TarInputStream.currEntry |
EI | org.apache.activemq.console.filter.StubQueryFilter.query(String) may expose internal representation by returning StubQueryFilter.data |
EI | org.apache.activemq.console.filter.StubQueryFilter.query(List) may expose internal representation by returning StubQueryFilter.data |
EI | org.apache.activemq.console.formatter.CommandShellOutputFormatter.getOutputStream() may expose internal representation by returning CommandShellOutputFormatter.outputStream |
EI2 | org.apache.activemq.console.command.AbstractCommand.setCommandContext(CommandContext) may expose internal representation by storing an externally mutable object into AbstractCommand.context |
EI2 | org.apache.activemq.console.command.StoreExportCommand.setCommandContext(CommandContext) may expose internal representation by storing an externally mutable object into StoreExportCommand.context |
EI2 | new org.apache.activemq.console.command.store.proto.MapEntryPB$Bean() may expose internal representation by storing an externally mutable object into MapEntryPB$Bean.bean |
EI2 | new org.apache.activemq.console.command.store.proto.MapEntryPB$Bean(MapEntryPB$Bean) may expose internal representation by storing an externally mutable object into MapEntryPB$Bean.bean |
EI2 | org.apache.activemq.console.command.store.proto.MapEntryPB$Bean.readExternal(DataInput) may expose internal representation by storing an externally mutable object into MapEntryPB$Bean.bean |
EI2 | org.apache.activemq.console.command.store.proto.MapEntryPB$Bean.setKey(Buffer) may expose internal representation by storing an externally mutable object into MapEntryPB$Bean.f_key |
EI2 | org.apache.activemq.console.command.store.proto.MapEntryPB$Bean.setValue(Buffer) may expose internal representation by storing an externally mutable object into MapEntryPB$Bean.f_value |
EI2 | new org.apache.activemq.console.command.store.proto.MessagePB$Bean() may expose internal representation by storing an externally mutable object into MessagePB$Bean.bean |
EI2 | new org.apache.activemq.console.command.store.proto.MessagePB$Bean(MessagePB$Bean) may expose internal representation by storing an externally mutable object into MessagePB$Bean.bean |
EI2 | org.apache.activemq.console.command.store.proto.MessagePB$Bean.readExternal(DataInput) may expose internal representation by storing an externally mutable object into MessagePB$Bean.bean |
EI2 | org.apache.activemq.console.command.store.proto.MessagePB$Bean.setCodec(AsciiBuffer) may expose internal representation by storing an externally mutable object into MessagePB$Bean.f_codec |
EI2 | org.apache.activemq.console.command.store.proto.MessagePB$Bean.setDirectData(Buffer) may expose internal representation by storing an externally mutable object into MessagePB$Bean.f_directData |
EI2 | org.apache.activemq.console.command.store.proto.MessagePB$Bean.setDirectFile(Buffer) may expose internal representation by storing an externally mutable object into MessagePB$Bean.f_directFile |
EI2 | org.apache.activemq.console.command.store.proto.MessagePB$Bean.setValue(Buffer) may expose internal representation by storing an externally mutable object into MessagePB$Bean.f_value |
EI2 | new org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean() may expose internal representation by storing an externally mutable object into QueueEntryPB$Bean.bean |
EI2 | new org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean(QueueEntryPB$Bean) may expose internal representation by storing an externally mutable object into QueueEntryPB$Bean.bean |
EI2 | org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean.readExternal(DataInput) may expose internal representation by storing an externally mutable object into QueueEntryPB$Bean.bean |
EI2 | org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean.setAttachment(Buffer) may expose internal representation by storing an externally mutable object into QueueEntryPB$Bean.f_attachment |
EI2 | org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean.setMessageLocator(Buffer) may expose internal representation by storing an externally mutable object into QueueEntryPB$Bean.f_messageLocator |
EI2 | org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean.setSenderList(List) may expose internal representation by storing an externally mutable object into QueueEntryPB$Bean.f_sender |
EI2 | new org.apache.activemq.console.command.store.proto.QueuePB$Bean() may expose internal representation by storing an externally mutable object into QueuePB$Bean.bean |
EI2 | new org.apache.activemq.console.command.store.proto.QueuePB$Bean(QueuePB$Bean) may expose internal representation by storing an externally mutable object into QueuePB$Bean.bean |
EI2 | org.apache.activemq.console.command.store.proto.QueuePB$Bean.readExternal(DataInput) may expose internal representation by storing an externally mutable object into QueuePB$Bean.bean |
EI2 | org.apache.activemq.console.command.store.proto.QueuePB$Bean.setBindingData(Buffer) may expose internal representation by storing an externally mutable object into QueuePB$Bean.f_bindingData |
EI2 | org.apache.activemq.console.command.store.proto.QueuePB$Bean.setBindingKind(AsciiBuffer) may expose internal representation by storing an externally mutable object into QueuePB$Bean.f_bindingKind |
EI2 | new org.apache.activemq.console.command.store.tar.TarBuffer(OutputStream, int, int) may expose internal representation by storing an externally mutable object into TarBuffer.outStream |
EI2 | new org.apache.activemq.console.filter.MBeansAttributeQueryFilter(MBeanServerConnection, Set, MBeansObjectNameQueryFilter) may expose internal representation by storing an externally mutable object into MBeansAttributeQueryFilter.attribView |
EI2 | new org.apache.activemq.console.filter.MBeansAttributeQueryFilter(MBeanServerConnection, Set, MBeansObjectNameQueryFilter) may expose internal representation by storing an externally mutable object into MBeansAttributeQueryFilter.jmxConnection |
EI2 | new org.apache.activemq.console.filter.MBeansObjectNameQueryFilter(MBeanServerConnection) may expose internal representation by storing an externally mutable object into MBeansObjectNameQueryFilter.jmxConnection |
EI2 | new org.apache.activemq.console.filter.MessagesQueryFilter(MBeanServerConnection, ObjectName) may expose internal representation by storing an externally mutable object into MessagesQueryFilter.destName |
EI2 | new org.apache.activemq.console.filter.MessagesQueryFilter(MBeanServerConnection, ObjectName) may expose internal representation by storing an externally mutable object into MessagesQueryFilter.jmxConnection |
EI2 | new org.apache.activemq.console.filter.PropertiesViewFilter(Set, QueryFilter) may expose internal representation by storing an externally mutable object into PropertiesViewFilter.viewFilter |
EI2 | new org.apache.activemq.console.filter.StubQueryFilter(List) may expose internal representation by storing an externally mutable object into StubQueryFilter.data |
EI2 | new org.apache.activemq.console.formatter.CommandShellOutputFormatter(OutputStream) may expose internal representation by storing an externally mutable object into CommandShellOutputFormatter.out |
EI2 | new org.apache.activemq.console.formatter.CommandShellOutputFormatter(OutputStream) may expose internal representation by storing an externally mutable object into CommandShellOutputFormatter.outputStream |
MS | org.apache.activemq.console.command.AbstractJmxCommand.DEFAULT_JMX_URL isn't final but should be |
MS | org.apache.activemq.console.command.DefaultPasswordFactory.factory isn't final but should be |
Code | Warning |
---|---|
Bx | org.apache.activemq.console.command.store.proto.MessagePB$Bean.hashCode() invokes inefficient new Long(long) constructor; use Long.valueOf(long) instead |
Bx | org.apache.activemq.console.command.store.proto.QueueEntryPB$Bean.hashCode() invokes inefficient new Long(long) constructor; use Long.valueOf(long) instead |
Bx | org.apache.activemq.console.command.store.proto.QueuePB$Bean.hashCode() invokes inefficient new Long(long) constructor; use Long.valueOf(long) instead |
SBSC | org.apache.activemq.console.command.store.amq.CommandLineSupport.convertOptionToPropertyName(String) concatenates strings using + in a loop |
SBSC | org.apache.activemq.console.filter.AmqMessagesQueryFilter.query(List) concatenates strings using + in a loop |
SBSC | org.apache.activemq.console.filter.MBeansObjectNameQueryFilter.query(List) concatenates strings using + in a loop |
SBSC | org.apache.activemq.console.filter.MessagesQueryFilter.query(List) concatenates strings using + in a loop |
SS | Unread field: org.apache.activemq.console.command.CreateCommand.BROKER_NAME_REGEX; should this field be static? |
SS | Unread field: org.apache.activemq.console.command.CreateCommand.DEFAULT_BROKERNAME_XPATH; should this field be static? |
SS | Unread field: org.apache.activemq.console.command.CreateCommand.DEFAULT_TARGET_ACTIVEMQ_CONF; should this field be static? |
UrF | Unread field: org.apache.activemq.console.command.StoreExportCommand.context |
WMI | org.apache.activemq.console.filter.GroupPropertiesViewFilter.filterView(Map) makes inefficient use of keySet iterator instead of entrySet iterator |
WMI | org.apache.activemq.console.filter.MBeansRegExQueryFilter.matches(AttributeList, Map) makes inefficient use of keySet iterator instead of entrySet iterator |
WMI | org.apache.activemq.console.filter.MBeansRegExQueryFilter.matches(ObjectName, Map) makes inefficient use of keySet iterator instead of entrySet iterator |
WMI | org.apache.activemq.console.filter.MapTransformFilter.transformToMap(ObjectName) makes inefficient use of keySet iterator instead of entrySet iterator |
WMI | org.apache.activemq.console.filter.MapTransformFilter.transformToMap(CompositeDataSupport) makes inefficient use of keySet iterator instead of entrySet iterator |
WMI | org.apache.activemq.console.formatter.CommandShellOutputFormatter.print(Map) makes inefficient use of keySet iterator instead of entrySet iterator |
WMI | org.apache.activemq.console.formatter.CommandShellOutputFormatter.printMBean(Map) makes inefficient use of keySet iterator instead of entrySet iterator |
WMI | org.apache.activemq.console.formatter.CommandShellOutputFormatter.printMessage(Map) makes inefficient use of keySet iterator instead of entrySet iterator |
Code | Warning |
---|---|
DB | org.apache.activemq.console.command.ShellCommand.runTask(List) uses the same code for two branches |
NP | Dereference of the result of readLine() without nullcheck in org.apache.activemq.console.command.CreateCommand.runTask(List) |
NP | Possible null pointer dereference in org.apache.activemq.console.command.CreateCommand.copyConfDirectory(File, File) due to return value of called method |
NP | Possible null pointer dereference in org.apache.activemq.console.command.store.tar.TarEntry.getDirectoryEntries() due to return value of called method |
RCN | Redundant nullcheck of obj, which is known to be non-null in org.apache.activemq.console.filter.MapTransformFilter.getDisplayString(Object) |
REC | Exception is caught when Exception is not thrown in org.apache.activemq.console.Main.getActiveMQHome() |
REC | Exception is caught when Exception is not thrown in org.apache.activemq.console.command.AbstractJmxCommand.useJmxServiceUrl() |
REC | Exception is caught when Exception is not thrown in org.apache.activemq.console.command.AbstractJmxCommand.findJMXUrlByProcessId(int) |
ST | Write to static field org.apache.activemq.console.Main.useDefExt from instance method org.apache.activemq.console.Main.parseExtensions(List) |
ST | Write to static field org.apache.activemq.console.command.AbstractJmxCommand.jmxPassword from instance method org.apache.activemq.console.command.AbstractJmxCommand.setJmxPassword(String) |
ST | Write to static field org.apache.activemq.console.command.AbstractJmxCommand.jmxUseLocal from instance method org.apache.activemq.console.command.AbstractJmxCommand.setJmxUseLocal(boolean) |
ST | Write to static field org.apache.activemq.console.command.AbstractJmxCommand.jmxUser from instance method org.apache.activemq.console.command.AbstractJmxCommand.setJmxUser(String) |
UrF | Unread public/protected field: org.apache.activemq.console.command.DecryptCommand.helpFile |
UrF | Unread public/protected field: org.apache.activemq.console.command.store.tar.TarOutputStream.debug |
Using new Integer(int)
is guaranteed to always result in a new object whereas
Integer.valueOf(int)
allows caching of values to be done by the compiler, class library, or JVM.
Using of cached values avoids object allocation and the code will be faster.
Values between -128 and 127 are guaranteed to have corresponding cached instances
and using valueOf
is approximately 3.5 times faster than using constructor.
For values outside the constant range the performance of both styles is the same.
Unless the class must be compatible with JVMs predating Java 5,
use either autoboxing or the valueOf()
method when creating instances of
Long
, Integer
, Short
, Character
, and Byte
.
Classes that throw exceptions in their constructors are vulnerable to Finalizer attacks
A finalizer attack can be prevented, by declaring the class final, using an empty finalizer declared as final, or by a clever use of a private constructor.
See SEI CERT Rule OBJ-11
for more information.
This method uses the same code to implement two branches of a conditional branch. Check to ensure that this isn't a coding mistake.
This method might ignore an exception. In general, exceptions should be handled or reported in some way, or they should be thrown out of the method.
This code creates a classloader, which needs permission if a security manage is installed. If this code might be invoked by code that does not have security permissions, then the classloader creation needs to occur inside a doPrivileged block.
Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable. This will cause the application behavior to vary between platforms. Use an alternative API and specify a charset name or Charset object explicitly.
Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.
This code stores a reference to an externally mutable object into the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.
This class defines a field with the same name as a visible instance field in a superclass. This is confusing, and may indicate an error if methods update or access one of the fields when they wanted the other.
This public static
or protected static
field is not final, and
could be changed by malicious code or
by accident from another package.
The field could be made final to avoid
this vulnerability.
The result of invoking readLine() is dereferenced without checking to see if the result is null. If there are no more lines of text to read, readLine() will return null and dereferencing that will generate a null pointer exception.
The return value from a method is dereferenced without a null check,
and the return value of that method is one that should generally be checked
for null. This may lead to a NullPointerException
when the code is executed.
The method creates an IO stream object, does not assign it to any
fields, pass it to other methods that might close it,
or return it, and does not appear to close
the stream on all paths out of the method. This may result in
a file descriptor leak. It is generally a good
idea to use a finally
block to ensure that streams are
closed.
This method contains a redundant check of a known non-null value against the constant null.
This method uses a try-catch block that catches Exception objects, but Exception is not thrown within the try block, and RuntimeException is not explicitly caught. It is a common bug pattern to say try { ... } catch (Exception e) { something } as a shorthand for catching a number of types of exception each of whose catch blocks is identical, but this construct also accidentally catches RuntimeException as well, masking potential bugs.
A better approach is to either explicitly catch the specific exceptions that are thrown, or to explicitly catch RuntimeException exception, rethrow it, and then catch all non-Runtime Exceptions, as shown below:
try {
...
} catch (RuntimeException e) {
throw e;
} catch (Exception e) {
... deal with all non-runtime exceptions ...
}
This method returns a value that is not checked. The return value should be checked
since it can indicate an unusual or unexpected function execution. For
example, the File.delete()
method returns false
if the file could not be successfully deleted (rather than
throwing an Exception).
If you don't check the result, you won't notice if the method invocation
signals unexpected behavior by returning an atypical return value.
The method seems to be building a String using concatenation in a loop. In each iteration, the String is converted to a StringBuffer/StringBuilder, appended to, and converted back to a String. This can lead to a cost quadratic in the number of iterations, as the growing string is recopied in each iteration.
Better performance can be obtained by using a StringBuffer (or StringBuilder in Java 5) explicitly.
For example:
// This is bad
String s = "";
for (int i = 0; i < field.length; ++i) {
s = s + field[i];
}
// This is better
StringBuffer buf = new StringBuffer();
for (int i = 0; i < field.length; ++i) {
buf.append(field[i]);
}
String s = buf.toString();
This class contains an instance final field that is initialized to a compile-time static value. Consider making the field static.
This instance method writes to a static field. This is tricky to get correct if multiple instances are being manipulated, and generally bad practice.
This class implements the Comparator
interface. You
should consider whether or not it should also implement the Serializable
interface. If a comparator is used to construct an ordered collection
such as a TreeMap
, then the TreeMap
will be serializable only if the comparator is also serializable.
As most comparators have little or no state, making them serializable
is generally easy and good defensive programming.
This field is never read. Consider removing it from the class.
This field is never read. The field is public or protected, so perhaps it is intended to be used with classes not seen as part of the analysis. If not, consider removing it from the class.
This method accesses the value of a Map entry, using a key that was retrieved from a keySet iterator. It is more efficient to use an iterator on the entrySet of the map, to avoid the Map.get(key) lookup.