SpotBugs Report

Project Information

Project: ActiveMQ :: Partition Management

SpotBugs version: 4.8.3

Code analyzed:



Metrics

418 lines of code analyzed, in 11 classes, in 2 packages.

Metric Total Density*
High Priority Warnings 0.00
Medium Priority Warnings 12 28.71
Total Warnings 12 28.71

(* Defects per Thousand lines of non-commenting source statements)



Contents

Summary

Warning Type Number
Bad practice Warnings 7
Correctness Warnings 1
Malicious code vulnerability Warnings 3
Multithreaded correctness Warnings 1
Total 12

Warnings

Click on a warning row to see full context information.

Bad practice Warnings

Code Warning
PA Primitive field org.apache.activemq.partition.dto.Partitioning.brokers is public and set from inside the class, which makes it too exposed. Consider making it private to limit external accessibility.
PA Primitive field org.apache.activemq.partition.dto.Partitioning.byClientId is public and set from inside the class, which makes it too exposed. Consider making it private to limit external accessibility.
PA Primitive field org.apache.activemq.partition.dto.Partitioning.byQueue is public and set from inside the class, which makes it too exposed. Consider making it private to limit external accessibility.
PA Primitive field org.apache.activemq.partition.dto.Partitioning.bySourceIp is public and set from inside the class, which makes it too exposed. Consider making it private to limit external accessibility.
PA Primitive field org.apache.activemq.partition.dto.Partitioning.byTopic is public and set from inside the class, which makes it too exposed. Consider making it private to limit external accessibility.
PA Primitive field org.apache.activemq.partition.dto.Partitioning.byUserName is public and set from inside the class, which makes it too exposed. Consider making it private to limit external accessibility.
PA Primitive field org.apache.activemq.partition.dto.Target.ids is public and set from inside the class, which makes it too exposed. Consider making it private to limit external accessibility.

Correctness Warnings

Code Warning
RV Return value of java.util.concurrent.CountDownLatch.await(long, TimeUnit) ignored in org.apache.activemq.partition.ZooKeeperPartitionBroker.start()

Malicious code vulnerability Warnings

Code Warning
EI org.apache.activemq.partition.PartitionBrokerPlugin.getConfig() may expose internal representation by returning PartitionBrokerPlugin.config
EI2 new org.apache.activemq.partition.PartitionBroker(Broker, PartitionBrokerPlugin) may expose internal representation by storing an externally mutable object into PartitionBroker.plugin
EI2 org.apache.activemq.partition.PartitionBrokerPlugin.setConfig(Partitioning) may expose internal representation by storing an externally mutable object into PartitionBrokerPlugin.config

Multithreaded correctness Warnings

Code Warning
NN Naked notify in org.apache.activemq.partition.PartitionBroker.monitorWakeup()

Details

EI_EXPOSE_REP: May expose internal representation by returning reference to mutable object

Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object.  If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.

EI_EXPOSE_REP2: May expose internal representation by incorporating reference to mutable object

This code stores a reference to an externally mutable object into the internal representation of the object.  If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.

NN_NAKED_NOTIFY: Naked notify

A call to notify() or notifyAll() was made without any (apparent) accompanying modification to mutable object state.  In general, calling a notify method on a monitor is done because some condition another thread is waiting for has become true.  However, for the condition to be meaningful, it must involve a heap object that is visible to both threads.

This bug does not necessarily indicate an error, since the change to mutable object state may have taken place in a method which then called the method containing the notification.

PA_PUBLIC_PRIMITIVE_ATTRIBUTE: Primitive field is public

SEI CERT rule OBJ01-J requires that accessibility to fields must be limited. Otherwise, the values of the fields may be manipulated from outside the class, which may be unexpected or undesired behaviour. In general, requiring that no fields are allowed to be public is overkill and unrealistic. Even the rule mentions that final fields may be public. Besides final fields, there may be other usages for public fields: some public fields may serve as "flags" that affect the behavior of the class. Such flag fields are expected to be read by the current instance (or the current class, in case of static fields), but written by others. If a field is both written by the methods of the current instance (or the current class, in case of static fields) and from the outside, the code is suspicious. Consider making these fields private and provide appropriate setters, if necessary. Please note that constructors, initializers and finalizers are exceptions, if only they write the field inside the class, the field is not considered as written by the class itself.

RV_RETURN_VALUE_IGNORED: Method ignores return value

The return value of this method should be checked. One common cause of this warning is to invoke a method on an immutable object, thinking that it updates the object. For example, in the following code fragment,

String dateString = getHeaderField(name);
dateString.trim();

the programmer seems to be thinking that the trim() method will update the String referenced by dateString. But since Strings are immutable, the trim() function returns a new String value, which is being ignored here. The code should be corrected to:

String dateString = getHeaderField(name);
dateString = dateString.trim();