SpotBugs Report

Project Information

Project: ActiveMQ :: Apache Karaf

SpotBugs version: 4.8.3

Code analyzed:



Metrics

131 lines of code analyzed, in 3 classes, in 1 packages.

Metric Total Density*
High Priority Warnings 0.00
Medium Priority Warnings 4 30.53
Total Warnings 4 30.53

(* Defects per Thousand lines of non-commenting source statements)



Contents

Summary

Warning Type Number
Malicious code vulnerability Warnings 4
Total 4

Warnings

Click on a warning row to see full context information.

Malicious code vulnerability Warnings

Code Warning
EI org.apache.activemq.karaf.commands.ActiveMQCommand.getCompleters() may expose internal representation by returning ActiveMQCommand.completers
EI org.apache.activemq.karaf.commands.ActiveMQCommandSupport.getCommand() may expose internal representation by returning ActiveMQCommandSupport.command
EI2 org.apache.activemq.karaf.commands.ActiveMQCommand.setCompleters(List) may expose internal representation by storing an externally mutable object into ActiveMQCommand.completers
EI2 org.apache.activemq.karaf.commands.ActiveMQCommandSupport.setCommand(Command) may expose internal representation by storing an externally mutable object into ActiveMQCommandSupport.command

Details

EI_EXPOSE_REP: May expose internal representation by returning reference to mutable object

Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object.  If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.

EI_EXPOSE_REP2: May expose internal representation by incorporating reference to mutable object

This code stores a reference to an externally mutable object into the internal representation of the object.  If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.