MAL lib – SpotBugs Bug Detector Report

SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.5.3

Threshold is low

Effort is max

Summary

Classes	Bugs	Errors	Missing Classes
73	35	0	1

Files

Class	Bugs
org.mal_lang.lib.AST$Asset	1
org.mal_lang.lib.AST$Association	1
org.mal_lang.lib.AST$AttackStep	1
org.mal_lang.lib.AST$CallExpr	1
org.mal_lang.lib.AST$Category	1
org.mal_lang.lib.AST$Define	1
org.mal_lang.lib.AST$ID	1
org.mal_lang.lib.AST$IDExpr	1
org.mal_lang.lib.AST$Meta	1
org.mal_lang.lib.AST$Reaches	1
org.mal_lang.lib.AST$Requires	1
org.mal_lang.lib.AST$SubTypeExpr	1
org.mal_lang.lib.AST$TTCFuncExpr	1
org.mal_lang.lib.AST$TTCNumExpr	1
org.mal_lang.lib.AST$Variable	1
org.mal_lang.lib.Analyzer	5
org.mal_lang.lib.LangConverter	1
org.mal_lang.lib.Lexer	2
org.mal_lang.lib.MalLogger	2
org.mal_lang.lib.MalLogger$LogMessage	1
org.mal_lang.lib.MalLogger$LogMessagePosition	1
org.mal_lang.lib.MalLogger$MalLevel	1
org.mal_lang.lib.Parser	3
org.mal_lang.lib.Scope	1
org.mal_lang.lib.Token	3

org.mal_lang.lib.AST$Asset

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$Asset doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$Association

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$Association doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$AttackStep

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$AttackStep doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$CallExpr

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$CallExpr doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$Category

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$Category doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$Define

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$Define doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$ID

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$ID doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$IDExpr

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$IDExpr doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$Meta

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$Meta doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$Reaches

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$Reaches doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$Requires

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$Requires doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$SubTypeExpr

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$SubTypeExpr doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$TTCFuncExpr

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$TTCFuncExpr doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$TTCNumExpr

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$TTCNumExpr doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.AST$Variable

Bug	Category	Details	Line	Priority
org.mal_lang.lib.AST$Variable doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium

org.mal_lang.lib.Analyzer

Bug	Category	Details	Line	Priority
org.mal_lang.lib.Analyzer.checkTTCExpr(AST$TTCExpr, boolean) invokes System.exit(...), which shuts down the entire virtual machine	BAD_PRACTICE	DM_EXIT	444	Medium
org.mal_lang.lib.Analyzer.checkToAsset(AST$Asset, AST$Expr) invokes System.exit(...), which shuts down the entire virtual machine	BAD_PRACTICE	DM_EXIT	731	Medium
org.mal_lang.lib.Analyzer.checkUnused() makes inefficient use of keySet iterator instead of entrySet iterator	PERFORMANCE	WMI_WRONG_MAP_ITERATOR	151	Medium
org.mal_lang.lib.Analyzer.checkUnused() makes inefficient use of keySet iterator instead of entrySet iterator	PERFORMANCE	WMI_WRONG_MAP_ITERATOR	142	Medium
org.mal_lang.lib.Analyzer.checkUnused() makes inefficient use of keySet iterator instead of entrySet iterator	PERFORMANCE	WMI_WRONG_MAP_ITERATOR	154	Medium

org.mal_lang.lib.LangConverter

Bug	Category	Details	Line	Priority
This use of org/mal_lang/lib/MalLogger.warning(Ljava/lang/String;)V might be used to include CRLF characters into log messages	SECURITY	CRLF_INJECTION_LOGS	260	Low

org.mal_lang.lib.Lexer

Bug	Category	Details	Line	Priority
Found reliance on default encoding in org.mal_lang.lib.Lexer.peek(String): String.getBytes()	I18N	DM_DEFAULT_ENCODING	394	High
Test for floating point equality in org.mal_lang.lib.Lexer.syntacticallyEqual(Lexer, Lexer)	STYLE	FE_FLOATING_POINT_EQUALITY	111	Low

org.mal_lang.lib.MalLogger

Bug	Category	Details	Line	Priority
This use of org/mal_lang/lib/MalLogger.log(Ljava/util/logging/Level;Ljava/lang/String;)V might be used to include CRLF characters into log messages	SECURITY	CRLF_INJECTION_LOGS	187	Low
This use of org/mal_lang/lib/MalLogger.log(Ljava/util/logging/Level;Ljava/lang/String;)V might be used to include CRLF characters into log messages	SECURITY	CRLF_INJECTION_LOGS	227	Low

org.mal_lang.lib.MalLogger$LogMessage

Bug	Category	Details	Line	Priority
org.mal_lang.lib.MalLogger$LogMessage defines compareTo(MalLogger$LogMessage) and uses Object.equals()	BAD_PRACTICE	EQ_COMPARETO_USE_OBJECT_EQUALS	88-95	Medium

org.mal_lang.lib.MalLogger$LogMessagePosition

Bug	Category	Details	Line	Priority
org.mal_lang.lib.MalLogger$LogMessagePosition defines compareTo(Object) and uses Object.equals()	BAD_PRACTICE	EQ_COMPARETO_USE_OBJECT_EQUALS	104	Medium

org.mal_lang.lib.MalLogger$MalLevel

Bug	Category	Details	Line	Priority
org.mal_lang.lib.MalLogger$MalLevel is Serializable; consider declaring a serialVersionUID	BAD_PRACTICE	SE_NO_SERIALVERSIONID	30-37	Low

org.mal_lang.lib.Parser

Bug	Category	Details	Line	Priority
Dead store to expr in org.mal_lang.lib.Parser._parseTTC()	STYLE	DLS_DEAD_LOCAL_STORE	427	Low
This API (java/io/File.<init>(Ljava/lang/String;)V) reads a file whose location might be specified by user input	SECURITY	PATH_TRAVERSAL_IN	203	Medium
This API (java/io/File.<init>(Ljava/lang/String;)V) reads a file whose location might be specified by user input	SECURITY	PATH_TRAVERSAL_IN	207	Medium

org.mal_lang.lib.Scope

Bug	Category	Details	Line	Priority
org.mal_lang.lib.Scope.getSymbols() may expose internal representation by returning Scope.symbols	MALICIOUS_CODE	EI_EXPOSE_REP	105	Medium

org.mal_lang.lib.Token

Bug	Category	Details	Line	Priority
org.mal_lang.lib.Token doesn't override Position.equals(Object)	STYLE	EQ_DOESNT_OVERRIDE_EQUALS	1	Medium
Unread public/protected field: org.mal_lang.lib.Token.postComments	STYLE	URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD	36	Low
Unread public/protected field: org.mal_lang.lib.Token.preComments	STYLE	URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD	35	Low