Project: <<unnamed project>>
FindBugs version: 0.9.4
Code analyzed:
| Warning Type | Number |
|---|---|
| Correctness Warnings | 1 |
| Internationalization Warnings | 0 |
| Multithreaded Correctness Warnings | 0 |
| Malicious Code Vulnerability Warnings | 4 |
| Performance Warnings | 5 |
| Style Warnings | 0 |
| Total | 10 |
Click on a warning row to see full context information.
| Code | Warning |
|---|---|
| Dm | biz.xsoftware.manifest.ManifestUtilImpl.getFile(java.net.URL) invokes System.exit(...), which shuts down the entire virtual machine |
| Code | Warning |
|---|
| Code | Warning |
|---|
| Code | Warning |
|---|---|
| EI | biz.xsoftware.mock.client.JsCalledMethod.getAllParams() may expose internal representation by returning biz.xsoftware.mock.client.JsCalledMethod.params |
| EI2 | biz.xsoftware.mock.client.JsCalledMethod. |
| EI2 | biz.xsoftware.mock.client.JsExpectFailedException. |
| EI2 | biz.xsoftware.mock.client.JsExpectFailedException.setCalledMethods(Object[]) may expose internal representation by storing an externally mutable object into biz.xsoftware.mock.client.JsExpectFailedException.methods |
| Code | Warning |
|---|---|
| SBSC | Method biz.xsoftware.mock.client.JsMockSuperclass.expectOrderedCalls(String[]) concatenates strings using + in a loop |
| SBSC | Method biz.xsoftware.mock.client.JsMockSuperclass.methodCalledImpl(String,Object[]) concatenates strings using + in a loop |
| SBSC | Method biz.xsoftware.mock.client.JsMockSuperclass.putTogetherReason(String[],java.util.Set,java.util.List,String) concatenates strings using + in a loop |
| SBSC | Method biz.xsoftware.mock.client.JsMockSuperclass$LeftOverMethods.toString() concatenates strings using + in a loop |
| SIC | Should biz.xsoftware.mock.client.JsMockSuperclass$LeftOverMethods be a _static_ inner class? |
| Code | Warning |
|---|
Invoking System.exit shuts down the entire Java virtual machine. This should only been done when it is appropriate. Such calls make it hard or impossible for your code to be invoked by other code. Consider throwing a RuntimeException instead.
Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.
This code stores a reference to an externally mutable object into the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.
The method seems to be building a String using concatenation in a loop. In each iteration, the String is converted to a StringBuffer/StringBuilder, appended to, and converted back to a String. This can lead to a cost quadratic in the number of iterations, as the growing string is recopied in each iteration.
Better performance can be obtained by using a StringBuffer (or StringBuilder in Java 1.5) explicitly.
For example:
// This is bad
String s = "";
for (int i = 0; i < field.length; ++i) {
s = s + field[i];
}
// This is better
StringBuffer buf = new StringBuffer();
for (int i = 0; i < field.length; ++i) {
buf.append(field[i]);
}
String s = buf.toString();
This class is an inner class, but does not use its embedded reference to the object which created it. This reference makes the instances of the class larger, and may keep the reference to the creator object alive longer than necessary. If possible, the class should be be made static.