FindBugs Bug Detector Report
The following document contains the results of FindBugs Report
FindBugs Version is 2.0.2
Threshold is medium
Effort is min
Summary
| Classes |
Bugs |
Errors |
Missing Classes |
| 126 |
7 |
0 |
0 |
org.owasp.dependencycheck.analyzer.ArchiveAnalyzer
| Bug |
Category |
Details |
Line |
Priority |
| Redundant nullcheck of org.owasp.dependencycheck.analyzer.ArchiveAnalyzer.tempFileLocation, which is known to be non-null in org.owasp.dependencycheck.analyzer.ArchiveAnalyzer.close() |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
197 |
Medium |
org.owasp.dependencycheck.analyzer.AssemblyAnalyzer
| Bug |
Category |
Details |
Line |
Priority |
| org.owasp.dependencycheck.analyzer.AssemblyAnalyzer.initializeFileTypeAnalyzer() discards result of readLine after checking if it is nonnull |
STYLE |
RV_DONT_JUST_NULL_CHECK_READLINE |
249 |
Medium |
org.owasp.dependencycheck.analyzer.CMakeAnalyzer
| Bug |
Category |
Details |
Line |
Priority |
| Found reliance on default encoding in org.owasp.dependencycheck.analyzer.CMakeAnalyzer.analyzeSetVersionCommand(Dependency, Engine, String): String.getBytes() |
I18N |
DM_DEFAULT_ENCODING |
200 |
High |
org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer
| Bug |
Category |
Details |
Line |
Priority |
| Possible null pointer dereference of currentVersion on branch that might be infeasible in org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer.removeSpuriousCPE(Dependency) |
STYLE |
NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE |
187 |
Medium |
| Possible null pointer dereference of nextVersion on branch that might be infeasible in org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer.removeSpuriousCPE(Dependency) |
STYLE |
NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE |
187 |
Medium |
org.owasp.dependencycheck.data.update.cpe.CPEHandler$Element
| Bug |
Category |
Details |
Line |
Priority |
| Should org.owasp.dependencycheck.data.update.cpe.CPEHandler$Element be a _static_ inner class? |
PERFORMANCE |
SIC_INNER_SHOULD_BE_STATIC |
182-360 |
Medium |
