Package edu.umd.cs.findbugs.detect
package edu.umd.cs.findbugs.detect
-
ClassDescriptionAbstract base class for finding assertionsFactory for stream objects of a particular base class type returned by any method.if we get from a ConcurrentHashMap and assign to a variable...Scan application classes for CheckReturnValue annotations.Build the interprocedural call graph.Deprecated.AnnotationDatabases are being phased out, since annotations are now stored directly in the XClass/XMethod/XField objects.Build database of methods that return values guaranteed to be nonnullBuild the ObligationPolicyDatabase used by ObligationAnalysis.Builds the database of string parameters passed from method to method unchanged.Build database of unconditionally dereferenced parameters.Detector to find private methods that are never called.This is just for debugging method call resolution.Deprecated.The annotation based approach is useless for lambdas.Checks that overriding methods do not relax
Nonnull
(madeCheckForNull
) on return values orCheckForNull
(madeNonnull
) on parameters.Check JSR-305 type qualifiers.This detector can find constructors that throw exception.Warning property for FindDeadLocalStores.Finds invocations of JDK methods that rely on the default platform encoding.A detector that checks for lines in JUnit tests that look like `assertTrue(object instanceof Class)` and discourages them.A WarningProperty for warnings that are reported at a "doomed" Location; one that cannot return normally.This detector is currently disabled by default.This detector can find Assertions that try to validate method arguments.This detector can find assertions that violate the EXP06 rule.Find dead stores to local variables.Find instance fields which are sometimes accessed (read or written) with the receiver lock held and sometimes without.Find places where ordinary (balanced) synchronization is performed on JSR166 Lock objects.Public status of the method in NSE database TODO: implement CHECKA Detector to find instructions where a NullPointerException might be raised.A Detector to look for streams that are opened in a method, do not escape the method, and are not closed on all paths out of the method.Find suspicious reference comparisons.Type representing a dynamically created String.Type representing a String passed as a parameter.Type representing a static String.Find calls to Thread.sleep() made with a lock held.Find potential SQL injection vulnerabilities.Detector to find private methods that are never called.Find unsatisfied obligations in Java methods.A Detector to look for useless control flow.This detector finds all the vulnerable methods which uses Security Manager to perform some security check but are declared non-final and non-private in a non-final class.Find comparisons involving values computed with bitwise operations whose outcomes are fixed at compile time.Warning properties for inconsistent synchronization detector.Use whenever possible String.indexOf(int) instead of String.indexOf(String), or String.lastIndexOf(int) instead of String.lastIndexOf(String).Find occurrences of collection.toArray( new Foo[0] ); This causes another memory allocation through reflection Much better to do collection.toArray( new Foo[collection.size()] );StreamFactory for stream objects loaded from instance fields.A StreamFactory for normal java.io streams that are created using NEW instructions.We found a problem with the new OpenJDK that everyone is now using to compile and run java code.Look for calls to methods where the return value is erroneously ignored.StreamFactory for streams that are created as the result of calling a method on an object.A Detector to find instructions where a NullPointerException might be raised.Scan classes for @CheckReturnValue annotationsScan methods for directly-relevant type qualifiers, building the DirectlyRelevantTypeQualifiersDatabase.Deprecated.AnnotationDatabases are being phased out, since annotations are now stored directly in the XClass/XMethod/XField objects.As a first scanning pass, make a note of unconditionally dereferenced parameters for later use by FindNullDerefs.Make a note of unconditionally dereferenced parameters for later use by FindNullDerefs.Warning property for a null argument being passed to a method which might dereference it.Warning properties for null pointer dereference and redundant null comparison warnings.Detector to find calls to Number constructors with base type argument in Java 5 or newer bytecode.Methods with "Optional" return type should never return null.This class contains all the public identifiers that are part of the Java Standard Library.finds public classes that use 'this' as a semaphore, which can cause conflicts if clients of this class use an instance of this class as their own synchronization point.Warning properties for FindRefComparison detector.Detector to find private methods that are never called.RuntimeExceptionCaptureDetector for static fields of typeCalendar
orDateFormat
and their subclasses.Stream factory for streams created by loading a value from a static field.A Stream object marks the location in the code where a stream is created.Set of streams that are in an equivalence class.A StreamEscape is an object representing the escape of a Stream to a called method.An object that examines a Location and determines if a Stream is created there.A visitor to model the effect of instructions on the status of the resource (in this case, Streams).Resource tracker which determines where streams are created, and how they are used within the method.Find occurrences of using the String "+" or "+=" operators within a loop.Find occurrences of a instanceof b where it can be determined statically whether this is true or false.looks for calls to Thread.interrupted from a non static context, especially when that context is not 'currentThread()'.Sample detector, using ASMTestDataflowAnalysis<Fact,AnalysisType extends DataflowAnalysis<Fact>> This detector is just a test harness to test a dataflow analysis class specified by the dataflow.classname property.Build a database of reference types stored into fields.Deprecated.AnnotationDatabases are being phased out, since annotations are now stored directly in the XClass/XMethod/XField objects.Training pass to find method parameters which are unconditionally dereferenced.Base class for simple type checking detectors which tests if the method returns null references for specific types.Find occurrences of Math using constants, where the result of the calculation can be determined statically.equals and hashCode are blocking methods on URL's.