SpotBugs Report

Project Information

Project: ActiveMQ :: Log4j Appender

SpotBugs version: 4.8.3

Code analyzed:



Metrics

204 lines of code analyzed, in 3 classes, in 1 packages.

Metric Total Density*
High Priority Warnings 0.00
Medium Priority Warnings 6 29.41
Total Warnings 6 29.41

(* Defects per Thousand lines of non-commenting source statements)



Contents

Summary

Warning Type Number
Malicious code vulnerability Warnings 6
Total 6

Warnings

Click on a warning row to see full context information.

Malicious code vulnerability Warnings

Code Warning
EI org.apache.activemq.util.JmsLogAppenderSupport.getConnection() may expose internal representation by returning JmsLogAppenderSupport.connection
EI org.apache.activemq.util.JmsLogAppenderSupport.getProducer() may expose internal representation by returning JmsLogAppenderSupport.producer
EI org.apache.activemq.util.JmsLogAppenderSupport.getSession() may expose internal representation by returning JmsLogAppenderSupport.session
EI2 org.apache.activemq.util.JmsLogAppenderSupport.setConnection(Connection) may expose internal representation by storing an externally mutable object into JmsLogAppenderSupport.connection
EI2 org.apache.activemq.util.JmsLogAppenderSupport.setProducer(MessageProducer) may expose internal representation by storing an externally mutable object into JmsLogAppenderSupport.producer
EI2 org.apache.activemq.util.JmsLogAppenderSupport.setSession(Session) may expose internal representation by storing an externally mutable object into JmsLogAppenderSupport.session

Details

EI_EXPOSE_REP: May expose internal representation by returning reference to mutable object

Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object.  If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.

EI_EXPOSE_REP2: May expose internal representation by incorporating reference to mutable object

This code stores a reference to an externally mutable object into the internal representation of the object.  If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.