Built by Maven

SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.0.4

Threshold is

Effort is default

Summary

Classes Bugs Errors Missing Classes
176 11 0 6

Files

Class Bugs
org.apache.logging.log4j.simple.SimpleLoggerContext 1
org.apache.logging.log4j.spi.DefaultThreadContextStack 1
org.apache.logging.log4j.status.StatusData 2
org.apache.logging.log4j.util.Base64Util 1
org.apache.logging.log4j.util.LoaderUtil$UrlResource 1
org.apache.logging.log4j.util.LowLevelLogUtil 2
org.apache.logging.log4j.util.SortedArrayStringMap 1
org.apache.logging.log4j.util.Timer 2

org.apache.logging.log4j.simple.SimpleLoggerContext

Bug Category Details Line Priority
Found reliance on default encoding in new org.apache.logging.log4j.simple.SimpleLoggerContext(): new java.io.PrintStream(OutputStream) I18N DM_DEFAULT_ENCODING 91 High

org.apache.logging.log4j.spi.DefaultThreadContextStack

Bug Category Details Line Priority
org.apache.logging.log4j.spi.DefaultThreadContextStack.equals(Object) checks for operand being a MutableThreadContextStack BAD_PRACTICE EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS 135 High

org.apache.logging.log4j.status.StatusData

Bug Category Details Line Priority
Found reliance on default encoding in org.apache.logging.log4j.status.StatusData.getFormattedStatus(): java.io.ByteArrayOutputStream.toString() I18N DM_DEFAULT_ENCODING 141 High
Found reliance on default encoding in org.apache.logging.log4j.status.StatusData.getFormattedStatus(): new java.io.PrintStream(OutputStream) I18N DM_DEFAULT_ENCODING 140 High

org.apache.logging.log4j.util.Base64Util

Bug Category Details Line Priority
Found reliance on default encoding in org.apache.logging.log4j.util.Base64Util.encode(String): String.getBytes() I18N DM_DEFAULT_ENCODING 56 High

org.apache.logging.log4j.util.LoaderUtil$UrlResource

Bug Category Details Line Priority
Invocation of java.net.URL.equals(Object), which blocks to do domain name resolution, in org.apache.logging.log4j.util.LoaderUtil$UrlResource.equals(Object) PERFORMANCE DMI_BLOCKING_METHODS_ON_URL 340 High

org.apache.logging.log4j.util.LowLevelLogUtil

Bug Category Details Line Priority
Found reliance on default encoding in org.apache.logging.log4j.util.LowLevelLogUtil.<static initializer for LowLevelLogUtil>(): new java.io.PrintWriter(OutputStream, boolean) I18N DM_DEFAULT_ENCODING 34 High
Found reliance on default encoding in org.apache.logging.log4j.util.LowLevelLogUtil.setOutputStream(OutputStream): new java.io.PrintWriter(OutputStream, boolean) I18N DM_DEFAULT_ENCODING 65 High

org.apache.logging.log4j.util.SortedArrayStringMap

Bug Category Details Line Priority
Object deserialization is used in org.apache.logging.log4j.util.SortedArrayStringMap.unmarshall(byte[], ObjectInputStream) SECURITY OBJECT_DESERIALIZATION 566 High

org.apache.logging.log4j.util.Timer

Bug Category Details Line Priority
Class org.apache.logging.log4j.util.Timer defines non-transient non-serializable instance field startTime BAD_PRACTICE SE_BAD_FIELD Not available High
org.apache.logging.log4j.util.Timer$1 stored into non-transient field Timer.startTime BAD_PRACTICE SE_BAD_FIELD_STORE 41 High