FindBugs Report

Produced using FindBugs3.0.1.

Project:

Metrics

2997 lines of code analyzed, in 89 classes, in 4 packages.

Metric Total Density*
High Priority Warnings 5 1.67
Medium Priority Warnings 8 2.67
Low Priority Warnings 12 4.00
Total Warnings 25 8.34

(* Defects per Thousand lines of non-commenting source statements)



Summary

Warning Type Number
Bad practice Warnings 3
Experimental Warnings 1
Internationalization Warnings 7
Malicious code vulnerability Warnings 1
Performance Warnings 5
Dodgy code Warnings 8
Total 25



Warnings

Click on each warning link to see a full description of the issue, and details of how to resolve it.

Bad practice Warnings

Warning Priority Details
Method may fail to close stream Medium

groovyx.net.http.NativeHandlers$Parsers.textToString(ChainedHttpConfig, FromServer) may fail to close stream


In file NativeHandlers.java, line 370
In class groovyx.net.http.NativeHandlers$Parsers
In method groovyx.net.http.NativeHandlers$Parsers.textToString(ChainedHttpConfig, FromServer)
Need to close java.io.Reader
At NativeHandlers.java:[line 370]

Method ignores exceptional return value Medium

Exceptional return value of java.io.File.delete() ignored in groovyx.net.http.FileBackedCookieStore.deleteFile(NonBlockingCookieStore$Key)


In file FileBackedCookieStore.java, line 88
In class groovyx.net.http.FileBackedCookieStore
In method groovyx.net.http.FileBackedCookieStore.deleteFile(NonBlockingCookieStore$Key)
Called method java.io.File.delete()
At FileBackedCookieStore.java:[line 88]

Confusing method names Low

Confusing to have methods groovyx.net.http.JavaHttpBuilder$Action$JavaFromServer.getUri() and groovyx.net.http.NonBlockingCookieStore$UriKey.getURI()


In file JavaHttpBuilder.java, line 301
In class groovyx.net.http.JavaHttpBuilder$Action$JavaFromServer
In method groovyx.net.http.JavaHttpBuilder$Action$JavaFromServer.getUri()
In class groovyx.net.http.NonBlockingCookieStore$UriKey
In method groovyx.net.http.NonBlockingCookieStore$UriKey.getURI()
At JavaHttpBuilder.java:[line 301]



Experimental Warnings

Warning Priority Details
Method may fail to clean up stream or resource Medium

groovyx.net.http.NativeHandlers$Encoders.handleRawUpload(ChainedHttpConfig, ToServer) may fail to clean up java.io.InputStream


In file NativeHandlers.java, line 164
In class groovyx.net.http.NativeHandlers$Encoders
In method groovyx.net.http.NativeHandlers$Encoders.handleRawUpload(ChainedHttpConfig, ToServer)
Reference type java.io.InputStream
1 instances of obligation remaining
Obligation to clean up resource created at NativeHandlers.java:[line 164] is not discharged
Path continues at NativeHandlers.java:[line 165]
Remaining obligations: {InputStream x 1}



Internationalization Warnings

Warning Priority Details
Reliance on default encoding High

Found reliance on default encoding in groovyx.net.http.FromServer.getReader(): new java.io.InputStreamReader(InputStream)


In file FromServer.java, line 531
In class groovyx.net.http.FromServer
In method groovyx.net.http.FromServer.getReader()
Called method new java.io.InputStreamReader(InputStream)
At FromServer.java:[line 531]

Reliance on default encoding High

Found reliance on default encoding in groovyx.net.http.HttpConfigs$BaseHttpConfig.configure(String): new java.io.InputStreamReader(InputStream)


In file HttpConfigs.java, line 524
In class groovyx.net.http.HttpConfigs$BaseHttpConfig
In method groovyx.net.http.HttpConfigs$BaseHttpConfig.configure(String)
Called method new java.io.InputStreamReader(InputStream)
At HttpConfigs.java:[line 524]

Reliance on default encoding High

Found reliance on default encoding in groovyx.net.http.util.IoUtils.copyAsString(BufferedInputStream): new String(byte[])


In file IoUtils.java, line 72
In class groovyx.net.http.util.IoUtils
In method groovyx.net.http.util.IoUtils.copyAsString(BufferedInputStream)
Called method new String(byte[])
At IoUtils.java:[line 72]

Reliance on default encoding Low

Found reliance on default encoding in groovyx.net.http.FileBackedCookieStore.lambda$readAll$5(File): new java.io.FileReader(File)


In file FileBackedCookieStore.java, line 175
In class groovyx.net.http.FileBackedCookieStore
In method groovyx.net.http.FileBackedCookieStore.lambda$readAll$5(File)
Called method new java.io.FileReader(File)
At FileBackedCookieStore.java:[line 175]

Reliance on default encoding Low

Found reliance on default encoding in groovyx.net.http.FileBackedCookieStore.lambda$store$3(NonBlockingCookieStore$Key, HttpCookie): new java.io.FileWriter(File)


In file FileBackedCookieStore.java, line 157
In class groovyx.net.http.FileBackedCookieStore
In method groovyx.net.http.FileBackedCookieStore.lambda$store$3(NonBlockingCookieStore$Key, HttpCookie)
Called method new java.io.FileWriter(File)
At FileBackedCookieStore.java:[line 157]

Consider using Locale parameterized version of invoked method Low

Use of non-localized String.toUpperCase() or String.toLowerCase() in groovyx.net.http.NonBlockingCookieStore$Key.forStorage(String)


In file NonBlockingCookieStore.java, line 125
In class groovyx.net.http.NonBlockingCookieStore$Key
In method groovyx.net.http.NonBlockingCookieStore$Key.forStorage(String)
At NonBlockingCookieStore.java:[line 125]

Consider using Locale parameterized version of invoked method Low

Use of non-localized String.toUpperCase() or String.toLowerCase() in groovyx.net.http.util.Misc.isPropertySet(String)


In file Misc.java, line 26
In class groovyx.net.http.util.Misc
In method groovyx.net.http.util.Misc.isPropertySet(String)
At Misc.java:[line 26]



Malicious code vulnerability Warnings

Warning Priority Details
Field isn't final but should be High

groovyx.net.http.NativeHandlers$Parsers.catalogResolver isn't final but should be


In file NativeHandlers.java, line 340
In class groovyx.net.http.NativeHandlers$Parsers
Field groovyx.net.http.NativeHandlers$Parsers.catalogResolver
At NativeHandlers.java:[line 340]



Performance Warnings

Warning Priority Details
Boxing/unboxing to parse a primitive High

Boxing/unboxing to parse a primitive groovyx.net.http.FileBackedCookieStore.fromProperties(Properties)


In file FileBackedCookieStore.java, line 272
In class groovyx.net.http.FileBackedCookieStore
In method groovyx.net.http.FileBackedCookieStore.fromProperties(Properties)
Called method Integer.intValue()
Should call Integer.parseInt(String) instead
At FileBackedCookieStore.java:[line 272]

Unread field Medium

Unread field: groovyx.net.http.HttpConfigs$ThreadSafeAuth.preemptive


In file HttpConfigs.java, line 93
In class groovyx.net.http.HttpConfigs$ThreadSafeAuth
Field groovyx.net.http.HttpConfigs$ThreadSafeAuth.preemptive
At HttpConfigs.java:[line 93]

Private method is never called Low

Private method groovyx.net.http.NonBlockingCookieStore.makeURI(String) is never called


In file NonBlockingCookieStore.java, lines 241 to 244
In class groovyx.net.http.NonBlockingCookieStore
In method groovyx.net.http.NonBlockingCookieStore.makeURI(String)
At NonBlockingCookieStore.java:[lines 241-244]

Unread field Low

Unread field: groovyx.net.http.CharSequenceInputStream.charset


In file CharSequenceInputStream.java, line 36
In class groovyx.net.http.CharSequenceInputStream
Field groovyx.net.http.CharSequenceInputStream.charset
At CharSequenceInputStream.java:[line 36]

Unread field Low

Unread field: groovyx.net.http.ReaderInputStream.charset


In file ReaderInputStream.java, line 39
In class groovyx.net.http.ReaderInputStream
Field groovyx.net.http.ReaderInputStream.charset
At ReaderInputStream.java:[line 39]



Dodgy code Warnings

Warning Priority Details
Dead store to local variable Medium

Dead store to maxAge in groovyx.net.http.FileBackedCookieStore.fromProperties(Properties)


In file FileBackedCookieStore.java, line 265
In class groovyx.net.http.FileBackedCookieStore
In method groovyx.net.http.FileBackedCookieStore.fromProperties(Properties)
Local variable named maxAge
At FileBackedCookieStore.java:[line 265]

Dead store to local variable Medium

Dead store to H in groovyx.net.http.NonBlockingCookieStore.netscapeDomainMatches(String, String)


In file NonBlockingCookieStore.java, line 288
In class groovyx.net.http.NonBlockingCookieStore
In method groovyx.net.http.NonBlockingCookieStore.netscapeDomainMatches(String, String)
Local variable named H
At NonBlockingCookieStore.java:[line 288]

Possible null pointer dereference due to return value of called method Medium

Possible null pointer dereference in groovyx.net.http.FileBackedCookieStore.readAll() due to return value of called method


In file FileBackedCookieStore.java, line 171
In class groovyx.net.http.FileBackedCookieStore
In method groovyx.net.http.FileBackedCookieStore.readAll()
Value loaded from e
Dereferenced at FileBackedCookieStore.java:[line 171]
Known null at FileBackedCookieStore.java:[line 171]

Possible null pointer dereference on branch that might be infeasible Medium

Possible null pointer dereference of NonBlockingCookieStore$DomainKey.path on branch that might be infeasible in groovyx.net.http.NonBlockingCookieStore$DomainKey.pathEquals(NonBlockingCookieStore$DomainKey)


In file NonBlockingCookieStore.java, line 210
In class groovyx.net.http.NonBlockingCookieStore$DomainKey
In method groovyx.net.http.NonBlockingCookieStore$DomainKey.pathEquals(NonBlockingCookieStore$DomainKey)
Value contained in groovyx.net.http.NonBlockingCookieStore$DomainKey.path
Dereferenced at NonBlockingCookieStore.java:[line 210]
Known null at NonBlockingCookieStore.java:[line 203]
Known null at NonBlockingCookieStore.java:[line 206]

Load of known null value Low

Load of known null value in groovyx.net.http.UriBuilder.forCookie(HttpCookie)


In file UriBuilder.java, line 179
In class groovyx.net.http.UriBuilder
In method groovyx.net.http.UriBuilder.forCookie(HttpCookie)
Value loaded from fragment
At UriBuilder.java:[line 179]

Load of known null value Low

Load of known null value in groovyx.net.http.UriBuilder.forCookie(HttpCookie)


In file UriBuilder.java, line 179
In class groovyx.net.http.UriBuilder
In method groovyx.net.http.UriBuilder.forCookie(HttpCookie)
Value loaded from query
At UriBuilder.java:[line 179]

Load of known null value Low

Load of known null value in groovyx.net.http.UriBuilder.forCookie(HttpCookie)


In file UriBuilder.java, line 179
In class groovyx.net.http.UriBuilder
In method groovyx.net.http.UriBuilder.forCookie(HttpCookie)
Value loaded from userInfo
At UriBuilder.java:[line 179]

Method directly allocates a specific implementation of xml interfaces Low

groovyx.net.http.optional.Html.neckoParse(ChainedHttpConfig, FromServer) directly allocates a specific implementation of xml interfaces


In file Html.java, line 58
In class groovyx.net.http.optional.Html
In method groovyx.net.http.optional.Html.neckoParse(ChainedHttpConfig, FromServer)
At Html.java:[line 58]





Warning Types

Boxing/unboxing to parse a primitive

A boxed primitive is created from a String, just to extract the unboxed primitive value. It is more efficient to just call the static parseXXX method.



Dead store to local variable

This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used.

Note that Sun's javac compiler often generates dead stores for final local variables. Because FindBugs is a bytecode-based tool, there is no easy way to eliminate these false positives.



Consider using Locale parameterized version of invoked method

A String is being converted to upper or lowercase, using the platform's default encoding. This may result in improper conversions when used with international characters. Use the

versions instead.



Reliance on default encoding

Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable. This will cause the application behaviour to vary between platforms. Use an alternative API and specify a charset name or Charset object explicitly.



Field isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.



Confusing method names

The referenced methods have names that differ only by capitalization.



Load of known null value

The variable referenced at this point is known to be null due to an earlier check against null. Although this is valid, it might be a mistake (perhaps you intended to refer to a different variable, or perhaps the earlier check to see if the variable is null should have been a check to see if it was non-null).



Possible null pointer dereference due to return value of called method

The return value from a method is dereferenced without a null check, and the return value of that method is one that should generally be checked for null. This may lead to a NullPointerException when the code is executed.



Possible null pointer dereference on branch that might be infeasible

There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception can't ever be executed; deciding that is beyond the ability of FindBugs. Due to the fact that this value had been previously tested for nullness, this is a definite possibility.



Method may fail to clean up stream or resource

This method may fail to clean up (close, dispose of) a stream, database object, or other resource requiring an explicit cleanup operation.

In general, if a method opens a stream or other resource, the method should use a try/finally block to ensure that the stream or resource is cleaned up before the method returns.

This bug pattern is essentially the same as the OS_OPEN_STREAM and ODR_OPEN_DATABASE_RESOURCE bug patterns, but is based on a different (and hopefully better) static analysis technique. We are interested is getting feedback about the usefulness of this bug pattern. To send feedback, either:

In particular, the false-positive suppression heuristics for this bug pattern have not been extensively tuned, so reports about false positives are helpful to us.

See Weimer and Necula, Finding and Preventing Run-Time Error Handling Mistakes, for a description of the analysis technique.



Method may fail to close stream

The method creates an IO stream object, does not assign it to any fields, pass it to other methods that might close it, or return it, and does not appear to close the stream on all paths out of the method.  This may result in a file descriptor leak.  It is generally a good idea to use a finally block to ensure that streams are closed.



Method ignores exceptional return value

This method returns a value that is not checked. The return value should be checked since it can indicate an unusual or unexpected function execution. For example, the File.delete() method returns false if the file could not be successfully deleted (rather than throwing an Exception). If you don't check the result, you won't notice if the method invocation signals unexpected behavior by returning an atypical return value.



Private method is never called

This private method is never called. Although it is possible that the method will be invoked through reflection, it is more likely that the method is never used, and should be removed.



Unread field

This field is never read.  Consider removing it from the class.



Method directly allocates a specific implementation of xml interfaces

This method allocates a specific implementation of an xml interface. It is preferable to use the supplied factory classes to create these objects so that the implementation can be changed at runtime. See

for details.