FindBugs Bug Detector Report

The following document contains the results of FindBugs

FindBugs Version is 3.0.1

Threshold is medium

Effort is min

Summary

| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 147 | 6 | 0 | 0 |

org.owasp.dependencycheck.analyzer.ArchiveAnalyzer

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.owasp.dependencycheck.analyzer.ArchiveAnalyzer.ensureReadableJar(String, BufferedInputStream) ignores result of java.io.BufferedInputStream.read(byte[]) | BAD_PRACTICE | RR_NOT_CHECKED | 417 | Medium |

org.owasp.dependencycheck.analyzer.CMakeAnalyzer

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.owasp.dependencycheck.analyzer.CMakeAnalyzer.analyzeSetVersionCommand(Dependency, Engine, String): String.getBytes() | I18N | DM_DEFAULT_ENCODING | 227 | High |

org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Possible null pointer dereference of currentVersion on branch that might be infeasible in org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer.removeSpuriousCPE(Dependency) | STYLE | NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE | 188 | Medium |
| Possible null pointer dereference of nextVersion on branch that might be infeasible in org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer.removeSpuriousCPE(Dependency) | STYLE | NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE | 188 | Medium |

org.owasp.dependencycheck.analyzer.RubyBundleAuditAnalyzer

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exceptional return value of java.io.File.createNewFile() ignored in org.owasp.dependencycheck.analyzer.RubyBundleAuditAnalyzer.createDependencyForGem(Engine, String, String, String, String) | BAD_PRACTICE | RV_RETURN_VALUE_IGNORED_BAD_PRACTICE | 485 | Medium |

org.owasp.dependencycheck.analyzer.RubyGemspecAnalyzer

| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Possible null pointer dereference in org.owasp.dependencycheck.analyzer.RubyGemspecAnalyzer.addEvidenceFromVersionFile(File, EvidenceCollection) due to return value of called method | STYLE | NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE | 220 | Medium |