This document lists all detectors in SpotBugs.

Standard detectors

These detectors are on by default:

OverridingMethodsMustInvokeSuperDetector

Finds overriding methods that must call super.

• CN: Super method is annotated with @OverridingMethodsMustInvokeSuper, but the overriding method isn’t calling the super method. (OVERRIDING_METHODS_MUST_INVOKE_SUPER)

FindRoughConstants

Finds constants which roughly (but not precisely) equal to known values like Math.PI.

• CNT: Rough value of known constant found (CNT_ROUGH_CONSTANT_VALUE)

SynchronizeAndNullCheckField

This detector looks for a field that is synchronized on and then null checked.

• NP: Synchronize and null check on the same field. (NP_SYNC_AND_NULL_CHECK_FIELD)

InitializeNonnullFieldsInConstructor

Finds non-null fields that are not written to in constructors.

• NP: Non-null field is not initialized (NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR)

BooleanReturnNull

Looks for methods with Boolean return type that return explicit null values.

• NP: Method with Boolean return type returns explicit null (NP_BOOLEAN_RETURN_NULL)

OptionalReturnNull

Looks for methods with Optional return type that return explicit null values.

• NP: Method with Optional return type returns explicit null (NP_OPTIONAL_RETURN_NULL)

ConfusionBetweenInheritedAndOuterMethod

Looks for potential confusion between inherited and outer methods.

• IA: Potentially ambiguous invocation of either an inherited or outer method (IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD)

SynchronizationOnSharedBuiltinConstant

This detector looks for synchronization on a shared built-in constant (such as a String).

• DL: Synchronization on Boolean (DL_SYNCHRONIZATION_ON_BOOLEAN)

• DL: Synchronization on boxed primitive (DL_SYNCHRONIZATION_ON_BOXED_PRIMITIVE)

• DL: Synchronization on interned String (DL_SYNCHRONIZATION_ON_INTERNED_STRING)

• DL: Synchronization on String literal (DL_SYNCHRONIZATION_ON_SHARED_CONSTANT)

• DL: Synchronization on boxed primitive values (DL_SYNCHRONIZATION_ON_UNSHARED_BOXED_PRIMITIVE)

NoteUnconditionalParamDerefs

Analyze all methods in the application to determine which dereference parameters unconditionally. This information is used in a later analysis pass to find call sites where null values may be passed to those methods.

This is a slow detector.

• NP: equals() method does not check for null argument (NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT)

• NP: Parameter must be non-null but is marked as nullable (NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE)

SynchronizeOnClassLiteralNotGetClass

Looks for code that synchronizes on the results of getClass rather than on class literals.

• WL: Synchronization on getClass rather than class literal (WL_USING_GETCLASS_RATHER_THAN_CLASS_LITERAL)

InfiniteRecursiveLoop

Looks for an infinite recursive loop.

• IL: A collection is added to itself (IL_CONTAINER_ADDED_TO_ITSELF)

• IL: An apparent infinite recursive loop (IL_INFINITE_RECURSIVE_LOOP)

InfiniteLoop

Looks for an infinite loop.

• IL: An apparent infinite loop (IL_INFINITE_LOOP)

VolatileUsage

Looks for bug patterns in the usage of volatile fields.

• VO: An increment to a volatile field isn’t atomic (VO_VOLATILE_INCREMENT)

• VO: A volatile reference to an array doesn’t treat the array elements as volatile (VO_VOLATILE_REFERENCE_TO_ARRAY)

InheritanceUnsafeGetResource

Looks for uses of this.getClass().getResource(…), which can give unexpected results if the class is extended by a class in another package.

• UI: Usage of GetResource may be unsafe if class is extended (UI_INHERITANCE_UNSAFE_GETRESOURCE)

DoInsideDoPrivileged

Looks for code that should be executed inside doPrivileged blocks.

• DP: Classloaders should only be created inside doPrivileged block (DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)

• DP: Method invoked that should be only be invoked inside a doPrivileged block (DP_DO_INSIDE_DO_PRIVILEGED)

HugeSharedStringConstants

This detector looks for string constants that are duplicated across multiple classfiles.

• HSC: Huge string constants is duplicated across multiple class files (HSC_HUGE_SHARED_STRING_CONSTANT)

FinalizerNullsFields

This detector looks for finalizers that null out fields of a class. This does not help the garbage collector in any way, the nulling out of fields has no effect.

• FI: Finalizer nulls fields (FI_FINALIZER_NULLS_FIELDS)

• FI: Finalizer only nulls fields (FI_FINALIZER_ONLY_NULLS_FIELDS)

MutableEnum

Looks and warns about mutable enum fields.

• ME: Public enum method unconditionally sets its field (ME_ENUM_FIELD_SETTER)

• ME: Enum field is public and mutable (ME_MUTABLE_ENUM_FIELD)

InconsistentAnnotations

This detector finds inconsistencies between type qualifiers directly applied to method parameters and uses of those method parameters.

• NP: Parameter must be non-null but is marked as nullable (NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE)

RepeatedConditionals

This detector looks for code containing repeated conditional tests, such as (x == 5 || x == 5).

• RpC: Repeated conditional tests (RpC_REPEATED_CONDITIONAL_TEST)

RedundantConditions

This detector looks for code containing useless conditions like the second condition in this expression: (x >= 10 && x >= 5).

• UC: Condition has no effect (UC_USELESS_CONDITION)

• UC: Condition has no effect due to the variable type (UC_USELESS_CONDITION_TYPE)

FormatStringChecker

Checks for incorrect format strings.

• FS: Format string should use %n rather than n (VA_FORMAT_STRING_USES_NEWLINE)

LostLoggerDueToWeakReference

This detector finds code that behaves differently under OpenJDK 6, where weak references are used to hold onto Loggers.

• LG: Potential lost logger changes due to weak reference in OpenJDK (LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE)

EqualsOperandShouldHaveClassCompatibleWithThis

Checks for equals methods that check for their operand being an instance of a class that is not compatible with the class defining the equals method.

• Eq: Equals checks for incompatible operand (EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS)

CheckImmutableAnnotation

Looks for violations of the rules for classes annotated as net.jcip.annotations.Immutable or javax.annotation.concurrent.Immutable.

• JCIP: Fields of immutable classes should be final (JCIP_FIELD_ISNT_FINAL_IN_IMMUTABLE_CLASS)

DontCatchIllegalMonitorStateException

This detector looks for try-catch blocks that catch an IllegalMonitorStateException.

• IMSE: Dubious catching of IllegalMonitorStateException (IMSE_DONT_CATCH_IMSE)

CloneIdiom

This detector looks for violations of the idioms for writing cloneable classes.

• CN: Class implements Cloneable but does not define or use clone method (CN_IDIOM)

• CN: clone method does not call super.clone() (CN_IDIOM_NO_SUPER_CALL)

• CN: Class defines clone() but doesn’t implement Cloneable (CN_IMPLEMENTS_CLONE_BUT_NOT_CLONEABLE)

ComparatorIdiom

This detector looks for violations of the idioms for writing classes that implement Comparator.

• Se: Comparator doesn’t implement Serializable (SE_COMPARATOR_SHOULD_BE_SERIALIZABLE)

FindFieldSelfAssignment

This detector looks for places where a field is assigned by reading the value of the same field.

• SA: Self assignment of field (SA_FIELD_SELF_ASSIGNMENT)

• SA: Double assignment of local variable (SA_LOCAL_DOUBLE_ASSIGNMENT)

FindSelfComparison

This detector looks for places where a value is compared with itself.

• SA: Double assignment of field (SA_FIELD_DOUBLE_ASSIGNMENT)

• SA: Self comparison of field with itself (SA_FIELD_SELF_COMPARISON)

• SA: Nonsensical self computation involving a field (e.g., x & x) (SA_FIELD_SELF_COMPUTATION)

• SA: Self comparison of value with itself (SA_LOCAL_SELF_COMPARISON)

• SA: Nonsensical self computation involving a variable (e.g., x & x) (SA_LOCAL_SELF_COMPUTATION)

FindSelfComparison2

This detector looks for places where a value is compared with itself.

• SA: Self comparison of field with itself (SA_FIELD_SELF_COMPARISON)

• SA: Nonsensical self computation involving a field (e.g., x & x) (SA_FIELD_SELF_COMPUTATION)

• SA: Self comparison of value with itself (SA_LOCAL_SELF_COMPARISON)

• SA: Nonsensical self computation involving a variable (e.g., x & x) (SA_LOCAL_SELF_COMPUTATION)

DroppedException

This detector looks for code where an exception is caught, but nothing is done to handle the exception.

• DE: Method might drop exception (DE_MIGHT_DROP)

• DE: Method might ignore exception (DE_MIGHT_IGNORE)

LoadOfKnownNullValue

Looks for loads of values known to be null.

• NP: Load of known null value (NP_LOAD_OF_KNOWN_NULL_VALUE)

DumbMethodInvocations

This detector looks for bad arguments being passed to methods (e.g., substring(0)).

• Dm: Hardcoded constant database password (DMI_CONSTANT_DB_PASSWORD)

• Dm: Empty database password (DMI_EMPTY_DB_PASSWORD)

• DMI: Code contains a hard coded reference to an absolute pathname (DMI_HARDCODED_ABSOLUTE_FILENAME)

• DMI: Invocation of substring(0), which returns the original value (DMI_USELESS_SUBSTRING)

URLProblems

The equals and hashCode method on java.net.URL resolve the domain name. As a result, these operations can be very expensive, and this detector looks for places where those methods might be invoked.

• Dm: The equals and hashCode methods of URL are blocking (DMI_BLOCKING_METHODS_ON_URL)

• Dm: Maps and sets of URLs can be performance hogs (DMI_COLLECTION_OF_URLS)

DumbMethods

This detector looks for calls to pointless methods, such as the no-argument String constructor.

• BC: Equals method should not assume anything about the type of its argument (BC_EQUALS_METHOD_SHOULD_WORK_FOR_ALL_OBJECTS)

• BIT: Bitwise add of signed byte value (BIT_ADD_OF_SIGNED_BYTE)

• BIT: Bitwise OR of signed byte value (BIT_IOR_OF_SIGNED_BYTE)

• Dm: Cannot use reflection to check for presence of annotation without runtime retention (DMI_ANNOTATION_IS_NOT_VISIBLE_TO_REFLECTION)

• DMI: Reversed method arguments (DMI_ARGUMENTS_WRONG_ORDER)

• DMI: BigDecimal constructed from double that isn’t represented precisely (DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE)

• DMI: hasNext method invokes next (DMI_CALLING_NEXT_FROM_HASNEXT)

• Dm: Maps and sets of URLs can be performance hogs (DMI_COLLECTION_OF_URLS)

• DMI: D’oh! A nonsensical method invocation (DMI_DOH)

• Dm: Futile attempt to change max pool size of ScheduledThreadPoolExecutor (DMI_FUTILE_ATTEMPT_TO_CHANGE_MAXPOOL_SIZE_OF_SCHEDULED_THREAD_POOL_EXECUTOR)

• DMI: Double.longBitsToDouble invoked on an int (DMI_LONG_BITS_TO_DOUBLE_INVOKED_ON_INT)

• DMI: Random object created and used only once (DMI_RANDOM_USED_ONLY_ONCE)

• Dm: Creation of ScheduledThreadPoolExecutor with zero core threads (DMI_SCHEDULED_THREAD_POOL_EXECUTOR_WITH_ZERO_CORE_THREADS)

• Dm: Thread passed where Runnable expected (DMI_THREAD_PASSED_WHERE_RUNNABLE_EXPECTED)

• Dm: Useless/vacuous call to EasyMock method (DMI_VACUOUS_CALL_TO_EASYMOCK_METHOD)

• Dm: Method invokes inefficient Boolean constructor; use Boolean.valueOf(…) instead (DM_BOOLEAN_CTOR)

• Bx: Boxing a primitive to compare (DM_BOXED_PRIMITIVE_FOR_COMPARE)

• Bx: Boxing/unboxing to parse a primitive (DM_BOXED_PRIMITIVE_FOR_PARSING)

• Bx: Method allocates a boxed primitive just to call toString (DM_BOXED_PRIMITIVE_TOSTRING)

• Dm: Consider using Locale parameterized version of invoked method (DM_CONVERT_CASE)

• Dm: Method invokes System.exit(…) (DM_EXIT)

• Dm: Explicit garbage collection; extremely dubious except in benchmarking code (DM_GC)

• Dm: Incorrect combination of Math.max and Math.min (DM_INVALID_MIN_MAX)

• Dm: Monitor wait() called on Condition (DM_MONITOR_WAIT_ON_CONDITION)

• Dm: Method allocates an object, only to get the class object (DM_NEW_FOR_GETCLASS)

• Dm: Use the nextInt method of Random rather than nextDouble to generate a random integer (DM_NEXTINT_VIA_NEXTDOUBLE)

• Dm: Method invokes dangerous method runFinalizersOnExit (DM_RUN_FINALIZERS_ON_EXIT)

• Dm: Method invokes inefficient new String(String) constructor (DM_STRING_CTOR)

• Dm: Method invokes toString() method on a String (DM_STRING_TOSTRING)

• Dm: Method invokes inefficient new String() constructor (DM_STRING_VOID_CTOR)

• Dm: A thread was created using the default empty run method (DM_USELESS_THREAD)

• INT: Bad comparison of int value with long constant (INT_BAD_COMPARISON_WITH_INT_VALUE)

• INT: Bad comparison of nonnegative value with negative constant or zero (INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE)

• INT: Bad comparison of signed byte (INT_BAD_COMPARISON_WITH_SIGNED_BYTE)

• INT: Integer remainder modulo 1 (INT_BAD_REM_BY_1)

• INT: Vacuous bit mask operation on integer value (INT_VACUOUS_BIT_OPERATION)

• INT: Vacuous comparison of integer value (INT_VACUOUS_COMPARISON)

• NP: Immediate dereference of the result of readLine() (NP_IMMEDIATE_DEREFERENCE_OF_READLINE)

• RANGE: Array index is out of bounds (RANGE_ARRAY_INDEX)

• RANGE: Array length is out of bounds (RANGE_ARRAY_LENGTH)

• RANGE: Array offset is out of bounds (RANGE_ARRAY_OFFSET)

• RANGE: String index is out of bounds (RANGE_STRING_INDEX)

• RV: Random value from 0 to 1 is coerced to the integer 0 (RV_01_TO_INT)

• RV: Bad attempt to compute absolute value of signed 32-bit hashcode (RV_ABSOLUTE_VALUE_OF_HASHCODE)

• RV: Bad attempt to compute absolute value of signed random integer (RV_ABSOLUTE_VALUE_OF_RANDOM_INT)

• RV: Remainder of hashCode could be negative (RV_REM_OF_HASHCODE)

• RV: Remainder of 32-bit signed random integer (RV_REM_OF_RANDOM_INT)

• SW: Certain swing methods need to be invoked in Swing thread (SW_SWING_METHODS_INVOKED_IN_SWING_THREAD)

NumberConstructor

Looks for calls to Number constructors with primitive arguments.

• Bx: Method invokes inefficient floating-point Number constructor; use static valueOf instead (DM_FP_NUMBER_CTOR)

• Bx: Method invokes inefficient Number constructor; use static valueOf instead (DM_NUMBER_CTOR)

FindSqlInjection

This detector uses data flow analysis to look for invocations of execute methods on SQL statements in which something other than a constant string is passed as an argument.

• SQL: Nonconstant string passed to execute or addBatch method on an SQL statement (SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE)

• SQL: A prepared statement is generated from a nonconstant String (SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING)

FindDoubleCheck

This detector looks for instances of double-checked locking.

• DC: Possible double-check of field (DC_DOUBLECHECK)

• DC: Possible exposure of partially initialized object (DC_PARTIALLY_CONSTRUCTED)

FindFinalizeInvocations

This detector looks for calls to finalize() and other finalizer-related issues.

• FI: Empty finalizer should be deleted (FI_EMPTY)

• FI: Explicit invocation of finalizer (FI_EXPLICIT_INVOCATION)

• FI: Finalizer does not call superclass finalizer (FI_MISSING_SUPER_CALL)

• FI: Finalizer nullifies superclass finalizer (FI_NULLIFY_SUPER)

• FI: Finalizer should be protected, not public (FI_PUBLIC_SHOULD_BE_PROTECTED)

• FI: Finalizer does nothing but call superclass finalizer (FI_USELESS)

FindHEmismatch

This detector looks for problems in the definition of the hashCode() and equals() methods.

• Co: Abstract class defines covariant compareTo() method (CO_ABSTRACT_SELF)

• Co: Covariant compareTo() method defined (CO_SELF_NO_OBJECT)

• Eq: Abstract class defines covariant equals() method (EQ_ABSTRACT_SELF)

• Eq: Class defines compareTo(…) and uses Object.equals() (EQ_COMPARETO_USE_OBJECT_EQUALS)

• Eq: Class doesn’t override equals in superclass (EQ_DOESNT_OVERRIDE_EQUALS)

• Eq: Covariant equals() method defined for enum (EQ_DONT_DEFINE_EQUALS_FOR_ENUM)

• Eq: equals() method defined that doesn’t override equals(Object) (EQ_OTHER_NO_OBJECT)

• Eq: equals() method defined that doesn’t override Object.equals(Object) (EQ_OTHER_USE_OBJECT)

• Eq: Covariant equals() method defined (EQ_SELF_NO_OBJECT)

• Eq: Covariant equals() method defined, Object.equals(Object) inherited (EQ_SELF_USE_OBJECT)

• HE: Class defines equals() but not hashCode() (HE_EQUALS_NO_HASHCODE)

• HE: Class defines equals() and uses Object.hashCode() (HE_EQUALS_USE_HASHCODE)

• HE: Class defines hashCode() but not equals() (HE_HASHCODE_NO_EQUALS)

• HE: Class defines hashCode() and uses Object.equals() (HE_HASHCODE_USE_OBJECT_EQUALS)

• HE: Class inherits equals() and uses Object.hashCode() (HE_INHERITS_EQUALS_USE_HASHCODE)

• HE: Signature declares use of unhashable class in hashed construct (HE_SIGNATURE_DECLARES_HASHING_OF_UNHASHABLE_CLASS)

• HE: Use of class without a hashCode() method in a hashed data structure (HE_USE_OF_UNHASHABLE_CLASS)

OverridingEqualsNotSymmetrical

Looks for equals methods that override equals methods in a superclass where the equivalence relationship might not be symmetrical.

• Eq: equals method always returns false (EQ_ALWAYS_FALSE)

• Eq: equals method always returns true (EQ_ALWAYS_TRUE)

• Eq: equals method compares class names rather than class objects (EQ_COMPARING_CLASS_NAMES)

• Eq: equals method fails for subtypes (EQ_GETCLASS_AND_CLASS_CONSTANT)

• Eq: equals method overrides equals in superclass and may not be symmetric (EQ_OVERRIDING_EQUALS_NOT_SYMMETRIC)

• Eq: Unusual equals method (EQ_UNUSUAL)

FindNakedNotify

This detector looks for calls to notify() that don’t seem to modify mutable object state.

• NN: Naked notify (NN_NAKED_NOTIFY)

FindReturnRef

This detector looks for methods that return mutable static data.

• EI: May expose internal representation by returning a buffer sharing non-public data (EI_EXPOSE_BUF)

• EI2: May expose internal representation by creating a buffer which incorporates reference to array (EI_EXPOSE_BUF2)

• EI: May expose internal representation by returning reference to mutable object (EI_EXPOSE_REP)

• EI2: May expose internal representation by incorporating reference to mutable object (EI_EXPOSE_REP2)

• MS: May expose internal static state by creating a buffer which stores an external array into a static field (EI_EXPOSE_STATIC_BUF2)

• MS: May expose internal static state by storing a mutable object into a static field (EI_EXPOSE_STATIC_REP2)

• MS: May expose internal representation by returning a buffer sharing non-public data (MS_EXPOSE_BUF)

• MS: Public static method may expose internal representation by returning a mutable object or array (MS_EXPOSE_REP)

FindRunInvocations

This detector looks for calls to Thread.run(). It is a fast detector.

• Ru: Invokes run on a thread (did you mean to start it instead?) (RU_INVOKE_RUN)

SwitchFallthrough

This detector looks for switch statements containing fall through.

• SF: Dead store due to switch statement fall through (SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH)

• SF: Dead store due to switch statement fall through to throw (SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH_TO_THROW)

• SF: Switch statement found where one case falls through to the next case (SF_SWITCH_FALLTHROUGH)

• SF: Switch statement found where default case is missing (SF_SWITCH_NO_DEFAULT)

FindSpinLoop

This detector looks for loops that spin reading from a field.

• SP: Method spins on field (SP_SPIN_ON_FIELD)

FindNonShortCircuit

This detector looks for suspicious uses of non-short-circuiting boolean operators (| and & instead of || and &&).

• NS: Potentially dangerous use of non-short-circuit logic (NS_DANGEROUS_NON_SHORT_CIRCUIT)

• NS: Questionable use of non-short-circuit logic (NS_NON_SHORT_CIRCUIT)

FindTwoLockWait

This detector looks for calls to wait() with two (or more) locks held. It is a slow detector.

• TLW: Wait with two locks held (TLW_TWO_LOCK_WAIT)

FindUnconditionalWait

This detector looks for calls to wait() not in a conditional or loop.

• UW: Unconditional wait (UW_UNCOND_WAIT)

FindUninitializedGet

This detector looks for reads of uninitialized fields in constructors.

• UR: Uninitialized read of field in constructor (UR_UNINIT_READ)

DontUseEnum

Checks that fields and methods don’t use the name assert or enum as they are keywords in Java 5.

• Nm: Use of identifier that is a keyword in later versions of Java (NM_FUTURE_KEYWORD_USED_AS_IDENTIFIER)

• Nm: Use of identifier that is a keyword in later versions of Java (NM_FUTURE_KEYWORD_USED_AS_MEMBER_IDENTIFIER)

FindUnsyncGet

This detector looks for get and set methods where the get is unsynchronized while the set is synchronized.

• UG: Unsynchronized get method, synchronized set method (UG_SYNC_SET_UNSYNC_GET)

InitializationChain

This detector looks for potentially circular class initialization dependencies.

• IC: Initialization circularity (IC_INIT_CIRCULARITY)

• SI: Static initializer creates instance before all static final fields assigned (SI_INSTANCE_BEFORE_FINALS_ASSIGNED)

IteratorIdioms

This detector looks for problems in how Iterator classes are defined.

• It: Iterator next() method cannot throw NoSuchElementException (IT_NO_SUCH_ELEMENT)

PreferZeroLengthArrays

This detector looks for methods that return either arrays or an explicit null reference. Returning a zero length array is generally preferred in this context to returning a null reference.

• PZLA: Consider returning a zero length array rather than null (PZLA_PREFER_ZERO_LENGTH_ARRAYS)

SynchronizingOnContentsOfFieldToProtectField

This detector looks for code that seems to be synchronizing on a field in order to guard updates of that field.

• ML: Synchronization on field in futile attempt to guard that field (ML_SYNC_ON_FIELD_TO_GUARD_CHANGING_THAT_FIELD)

MutableLock

This detector looks for synchronization on objects read from modified fields.

• ML: Method synchronizes on an updated field (ML_SYNC_ON_UPDATED_FIELD)

FindUselessObjects

Looks for useless objects.

• UC: Useless object created (UC_USELESS_OBJECT)

• UC: Useless object created on stack (UC_USELESS_OBJECT_STACK)

MutableStaticFields

This detector looks for static fields that may be modified by malicious code.

• MS: Field isn’t final and cannot be protected from malicious code (MS_CANNOT_BE_FINAL)

• MS: Field should be both final and package protected (MS_FINAL_PKGPROTECT)

• MS: Field is a mutable array (MS_MUTABLE_ARRAY)

• MS: Field is a mutable collection (MS_MUTABLE_COLLECTION)

• MS: Field is a mutable collection which should be package protected (MS_MUTABLE_COLLECTION_PKGPROTECT)

• MS: Field is a mutable Hashtable (MS_MUTABLE_HASHTABLE)

• MS: Field should be moved out of an interface and made package protected (MS_OOI_PKGPROTECT)

• MS: Field should be package protected (MS_PKGPROTECT)

• MS: Field isn’t final but should be (MS_SHOULD_BE_FINAL)

• MS: Field isn’t final but should be refactored to be so (MS_SHOULD_BE_REFACTORED_TO_BE_FINAL)

Naming

This detector looks for suspiciously-named methods.

• Nm: Class defines equal(Object); should it be equals(Object)? (NM_BAD_EQUAL)

• Nm: Class names should start with an upper case letter (NM_CLASS_NAMING_CONVENTION)

• Nm: Class is not derived from an Exception, even though it is named as such (NM_CLASS_NOT_EXCEPTION)

• Nm: Confusing method names (NM_CONFUSING)

• Nm: Non-final field names should start with a lower case letter, final fields should be uppercase with words separated by underscores (NM_FIELD_NAMING_CONVENTION)

• Nm: Class defines hashcode(); should it be hashCode()? (NM_LCASE_HASHCODE)

• Nm: Class defines tostring(); should it be toString()? (NM_LCASE_TOSTRING)

• Nm: Apparent method/constructor confusion (NM_METHOD_CONSTRUCTOR_CONFUSION)

• Nm: Method names should start with a lower case letter (NM_METHOD_NAMING_CONVENTION)

• Nm: Class names shouldn’t shadow simple name of implemented interface (NM_SAME_SIMPLE_NAME_AS_INTERFACE)

• Nm: Class names shouldn’t shadow simple name of superclass (NM_SAME_SIMPLE_NAME_AS_SUPERCLASS)

• Nm: Very confusing method names (NM_VERY_CONFUSING)

• Nm: Very confusing method names (but perhaps intentional) (NM_VERY_CONFUSING_INTENTIONAL)

• Nm: Method doesn’t override method in superclass due to wrong package for parameter (NM_WRONG_PACKAGE)

• Nm: Method doesn’t override method in superclass due to wrong package for parameter (NM_WRONG_PACKAGE_INTENTIONAL)

ReadReturnShouldBeChecked

This detector looks for calls to InputStream.read() or InputStream.skip() where the return value is ignored.

• RR: Method ignores results of InputStream.read() (RR_NOT_CHECKED)

• RR: Method ignores results of InputStream.skip() (SR_NOT_CHECKED)

SerializableIdiom

This detector looks for potential problems in the implementation of Serializable classes.

• RS: Class’s readObject() method is synchronized (RS_READOBJECT_SYNC)

• Se: Non-transient non-serializable instance field in serializable class (SE_BAD_FIELD)

• Se: Non-serializable class has a serializable inner class (SE_BAD_FIELD_INNER_CLASS)

• Se: Non-serializable value stored into instance field of a serializable class (SE_BAD_FIELD_STORE)

• Se: Serializable inner class (SE_INNER_CLASS)

• Se: Method must be private in order for serialization to work (SE_METHOD_MUST_BE_PRIVATE)

• Se: serialVersionUID isn’t final (SE_NONFINAL_SERIALVERSIONID)

• Se: serialVersionUID isn’t long (SE_NONLONG_SERIALVERSIONID)

• Se: serialVersionUID isn’t static (SE_NONSTATIC_SERIALVERSIONID)

• SnVI: Class is Serializable, but doesn’t define serialVersionUID (SE_NO_SERIALVERSIONID)

• Se: Class is Serializable but its superclass doesn’t define a void constructor (SE_NO_SUITABLE_CONSTRUCTOR)

• Se: Class is Externalizable but doesn’t define a void constructor (SE_NO_SUITABLE_CONSTRUCTOR_FOR_EXTERNALIZATION)

• Se: Prevent overwriting of externalizable objects (SE_PREVENT_EXT_OBJ_OVERWRITE)

• Se: Private readResolve method not inherited by subclasses (SE_PRIVATE_READ_RESOLVE_NOT_INHERITED)

• Se: The readResolve method must not be declared as a static method. (SE_READ_RESOLVE_IS_STATIC)

• Se: The readResolve method must be declared with a return type of Object. (SE_READ_RESOLVE_MUST_RETURN_OBJECT)

• Se: Transient field that isn’t set by deserialization. (SE_TRANSIENT_FIELD_NOT_RESTORED)

• Se: Transient field of class that isn’t Serializable. (SE_TRANSIENT_FIELD_OF_NONSERIALIZABLE_CLASS)

• WS: Class’s writeObject() method is synchronized but nothing else is (WS_WRITEOBJECT_SYNC)

StartInConstructor

This detector looks for constructors that start threads.

• SC: Constructor invokes Thread.start() (SC_START_IN_CTOR)

FindBadForLoop

This detector looks for incorrect for loops.

• QF: Complicated, subtle or wrong increment in for-loop (QF_QUESTIONABLE_FOR_LOOP)

ExplicitSerialization

Looks for explicit serialization via readObject and writeObject as evidence that this class is, indeed, serialized.

• :ref:``

UnreadFields

This detector looks for fields whose value is never read.

• NP: Read of unwritten field (NP_UNWRITTEN_FIELD)

• NP: Read of unwritten public or protected field (NP_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD)

• SIC: Should be a static inner class (SIC_INNER_SHOULD_BE_STATIC)

• SIC: Could be refactored into a named static inner class (SIC_INNER_SHOULD_BE_STATIC_ANON)

• SIC: Could be refactored into a static inner class (SIC_INNER_SHOULD_BE_STATIC_NEEDS_THIS)

• SIC: Deadly embrace of non-static inner class and thread local (SIC_THREADLOCAL_DEADLY_EMBRACE)

• SS: Unread field: should this field be static? (SS_SHOULD_BE_STATIC)

• ST: Write to static field from instance method (ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD)

• UrF: Unread field (URF_UNREAD_FIELD)

• UrF: Unread public/protected field (URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD)

• UuF: Unused field (UUF_UNUSED_FIELD)

• UuF: Unused public or protected field (UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD)

• UwF: Field not initialized in constructor but dereferenced without null check (UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR)

• UwF: Field only ever set to null (UWF_NULL_FIELD)

• UwF: Unwritten field (UWF_UNWRITTEN_FIELD)

• UwF: Unwritten public or protected field (UWF_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD)

WaitInLoop

This detector looks for calls to wait() that are not in a loop.

• No: Using notify() rather than notifyAll() (NO_NOTIFY_NOT_NOTIFYALL)

• Wa: Condition.await() not in loop (WA_AWAIT_NOT_IN_LOOP)

• Wa: Wait not in loop (WA_NOT_IN_LOOP)

FindComparatorProblems

This detector looks for problems in Comparator.compare or Comparable.compareTo implementation.

• Co: compareTo()/compare() incorrectly handles float or double value (CO_COMPARETO_INCORRECT_FLOATING)

• Co: compareTo()/compare() returns Integer.MIN_VALUE (CO_COMPARETO_RESULTS_MIN_VALUE)

FindNullDeref

This detector looks for places where a null pointer exception might occur. It also looks for redundant comparisons of reference values against null. It is a slow detector.

• NP: Null pointer dereference (NP_ALWAYS_NULL)

• NP: Null pointer dereference in method on exception path (NP_ALWAYS_NULL_EXCEPTION)

• NP: Method does not check for null argument (NP_ARGUMENT_MIGHT_BE_NULL)

• NP: Clone method may return null (NP_CLONE_COULD_RETURN_NULL)

• NP: close() invoked on a value that is always null (NP_CLOSING_NULL)

• NP: Dereference of the result of readLine() without nullcheck (NP_DEREFERENCE_OF_READLINE_VALUE)

• NP: equals() method does not check for null argument (NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT)

• NP: Null value is guaranteed to be dereferenced (NP_GUARANTEED_DEREF)

• NP: Value is null and guaranteed to be dereferenced on exception path (NP_GUARANTEED_DEREF_ON_EXCEPTION_PATH)

• NP: Method call passes null to a non-null parameter (NP_NONNULL_PARAM_VIOLATION)

• NP: Method may return null, but is declared @Nonnull (NP_NONNULL_RETURN_VIOLATION)

• NP: Possible null pointer dereference (NP_NULL_ON_SOME_PATH)

• NP: Possible null pointer dereference in method on exception path (NP_NULL_ON_SOME_PATH_EXCEPTION)

• NP: Possible null pointer dereference due to return value of called method (NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE)

• NP: Possible null pointer dereference on branch that might be infeasible (NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE)

• NP: Method call passes null for non-null parameter (NP_NULL_PARAM_DEREF)

• NP: Method call passes null for non-null parameter (NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS)

• NP: Non-virtual method call passes null for non-null parameter (NP_NULL_PARAM_DEREF_NONVIRTUAL)

• NP: Store of null value into field annotated @Nonnull (NP_STORE_INTO_NONNULL_FIELD)

• NP: toString method may return null (NP_TOSTRING_COULD_RETURN_NULL)

• RCN: Redundant comparison of non-null value to null (RCN_REDUNDANT_COMPARISON_OF_NULL_AND_NONNULL_VALUE)

• RCN: Redundant comparison of two null values (RCN_REDUNDANT_COMPARISON_TWO_NULL_VALUES)

• RCN: Redundant nullcheck of value known to be non-null (RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE)

• RCN: Redundant nullcheck of value known to be null (RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE)

• RCN: Nullcheck of value previously dereferenced (RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE)

FindNullDerefsInvolvingNonShortCircuitEvaluation

This detector looks for places where a null pointer exception might occur, and the use of non-short-circuit evaluation causes the usual techniques to fail.

• NP: Null value is guaranteed to be dereferenced (NP_GUARANTEED_DEREF)

• NP: Possible null pointer dereference (NP_NULL_ON_SOME_PATH)

FindOpenStream

This detector looks for IO stream objects which do not escape the method and do not appear to be closed on all paths out of the method. It is a slow detector.

• ODR: Method may fail to close database resource (ODR_OPEN_DATABASE_RESOURCE)

• ODR: Method may fail to close database resource on exception (ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH)

• OS: Method may fail to close stream (OS_OPEN_STREAM)

• OS: Method may fail to close stream on exception (OS_OPEN_STREAM_EXCEPTION_PATH)

FindUselessControlFlow

This detector looks for control flow statements which have no effect.

• UCF: Useless control flow (UCF_USELESS_CONTROL_FLOW)

• UCF: Useless control flow to next line (UCF_USELESS_CONTROL_FLOW_NEXT_LINE)

FindUnreleasedLock

This detector looks for JSR-166 (java.util.concurrent) locks which are acquired, but not released on all paths out of the method. It is a moderately fast detector. Note that in order to use this detector, you need to have the java.util.concurrent package in the auxiliary classpath (or be analyzing the package itself).

• UL: Method does not release lock on all paths (UL_UNRELEASED_LOCK)

• UL: Method does not release lock on all exception paths (UL_UNRELEASED_LOCK_EXCEPTION_PATH)

FindRefComparison

This detector looks for places where two reference values are compared with the == or != operator, and the class is of a type (such as java.lang.String) where comparing reference values is generally an error. It is a slow detector.

• DMI: D’oh! A nonsensical method invocation (DMI_DOH)

• EC: equals() used to compare array and nonarray (EC_ARRAY_AND_NONARRAY)

• EC: Invocation of equals() on an array, which is equivalent to == (EC_BAD_ARRAY_COMPARE)

• EC: equals(…) used to compare incompatible arrays (EC_INCOMPATIBLE_ARRAY_COMPARE)

• EC: Call to equals(null) (EC_NULL_ARG)

• EC: Call to equals() comparing unrelated class and interface (EC_UNRELATED_CLASS_AND_INTERFACE)

• EC: Call to equals() comparing different interface types (EC_UNRELATED_INTERFACES)

• EC: Call to equals() comparing different types (EC_UNRELATED_TYPES)

• EC: Using pointer equality to compare different types (EC_UNRELATED_TYPES_USING_POINTER_EQUALITY)

• ES: Comparison of String parameter using == or != (ES_COMPARING_PARAMETER_STRING_WITH_EQ)

• ES: Comparison of String objects using == or != (ES_COMPARING_STRINGS_WITH_EQ)

• RC: Suspicious reference comparison (RC_REF_COMPARISON)

• RC: Suspicious reference comparison to constant (RC_REF_COMPARISON_BAD_PRACTICE)

• RC: Suspicious reference comparison of Boolean values (RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN)

FindMismatchedWaitOrNotify

This detector looks for calls to wait(), notify(), or notifyAll() which do not appear to be made on an object which is currently locked. It is a moderately fast detector. This detector is disabled because it is still under development, and produces too many false positives.

• MWN: Mismatched notify() (MWN_MISMATCHED_NOTIFY)

• MWN: Mismatched wait() (MWN_MISMATCHED_WAIT)

FindEmptySynchronizedBlock

This detector looks for empty synchronized blocks.

• ESync: Empty synchronized block (ESync_EMPTY_SYNC)

FindInconsistentSync2

This detector looks for fields that are accessed in an inconsistent manner with respect to locking. It is a slow detector.

• IS: Inconsistent synchronization (IS2_INCONSISTENT_SYNC)

• IS: Field not guarded against concurrent access (IS_FIELD_NOT_GUARDED)

• MSF: Mutable servlet field (MSF_MUTABLE_SERVLET_FIELD)

FindLocalSelfAssignment2

This detector looks for self assignments of local variables.

• SA: Self assignment of local variable (SA_LOCAL_SELF_ASSIGNMENT)

• SA: Self assignment of local rather than assignment to field (SA_LOCAL_SELF_ASSIGNMENT_INSTEAD_OF_FIELD)

IncompatMask

This detector looks for suspicious bitwise logical expressions.

• BIT: Incompatible bit masks (BIT_AND)

• BIT: Check to see if ((…) & 0) == 0 (BIT_AND_ZZ)

• BIT: Incompatible bit masks (BIT_IOR)

• BIT: Check for sign of bitwise operation (BIT_SIGNED_CHECK)

• BIT: Check for sign of bitwise operation involving negative number (BIT_SIGNED_CHECK_HIGH_BIT)

LazyInit

This detector looks for lazy field initialization where the field is not volatile. It is a moderately fast detector.

• LI: Incorrect lazy initialization of static field (LI_LAZY_INIT_STATIC)

• LI: Incorrect lazy initialization and update of static field (LI_LAZY_INIT_UPDATE_STATIC)

FindJSR166LockMonitorenter

This detector looks for ordinary synchronization performed on JSR166 locks. It is a moderately fast detector.

• JLM: Synchronization performed on Lock (JLM_JSR166_LOCK_MONITORENTER)

• JLM: Synchronization performed on util.concurrent instance (JLM_JSR166_UTILCONCURRENT_MONITORENTER)

• JLM: Using monitor style wait methods on util.concurrent abstraction (JML_JSR166_CALLING_WAIT_RATHER_THAN_AWAIT)

FindUncalledPrivateMethods

This detector looks for private methods that are never called.

• UPM: Private method is never called (UPM_UNCALLED_PRIVATE_METHOD)

UncallableMethodOfAnonymousClass

This detector looks for anonymous inner classes that define methods that are probably intended to but do not override methods in a superclass.

• UMAC: Uncallable method defined in anonymous class (UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS)

StringConcatenation

This detector looks for String concatenation in loops using +.

• SBSC: Method concatenates strings using + in a loop (SBSC_USE_STRINGBUFFER_CONCATENATION)

InvalidJUnitTest

This detector looks for JUnit tests that are malformed.

• IJU: TestCase declares a bad suite method (IJU_BAD_SUITE_METHOD)

• IJU: TestCase has no tests (IJU_NO_TESTS)

• IJU: TestCase defines setUp that doesn’t call super.setUp() (IJU_SETUP_NO_SUPER)

• IJU: TestCase implements a non-static suite method (IJU_SUITE_NOT_STATIC)

• IJU: TestCase defines tearDown that doesn’t call super.tearDown() (IJU_TEARDOWN_NO_SUPER)

BadlyOverriddenAdapter

This detector looks for code that extends an Adapter class and overrides a Listener method with the wrong signature.

• BOA: Class overrides a method implemented in super class Adapter wrongly (BOA_BADLY_OVERRIDDEN_ADAPTER)

BadResultSetAccess

This detector looks for calls to getXXX or setXXX methods of a result set where the field index is 0. As ResultSet fields start at index 1, this is always a mistake.

• SQL: Method attempts to access a prepared statement parameter with index 0 (SQL_BAD_PREPARED_STATEMENT_ACCESS)

• SQL: Method attempts to access a result set field with index 0 (SQL_BAD_RESULTSET_ACCESS)

SuperfluousInstanceOf

This detector looks for type checks using the instanceof operator where the determination can be done statically.

• SIO: Unnecessary type check done using instanceof operator (SIO_SUPERFLUOUS_INSTANCEOF)

SuspiciousThreadInterrupted

This detector looks for calls to Thread.interrupted() from a non-static context. If it is called from Thread.currentThread().interrupted(), then it is just a useless exercise, just use Thread.interrupted(). However if it is called on an arbitrary thread object, it is most probably an error, as interrupted() is always called on the current thread.

• STI: Unneeded use of currentThread() call, to call interrupted() (STI_INTERRUPTED_ON_CURRENTTHREAD)

• STI: Static Thread.interrupted() method invoked on thread instance (STI_INTERRUPTED_ON_UNKNOWNTHREAD)

FindDeadLocalStores

This detector looks for assignments to local variables that are never subsequently read. It is a moderately fast detector.

• DLS: Useless increment in return statement (DLS_DEAD_LOCAL_INCREMENT_IN_RETURN)

• DLS: Dead store to local variable (DLS_DEAD_LOCAL_STORE)

• DLS: Dead store of null to local variable (DLS_DEAD_LOCAL_STORE_OF_NULL)

• DLS: Dead store to local variable that shadows field (DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD)

• DLS: Dead store of class literal (DLS_DEAD_STORE_OF_CLASS_LITERAL)

• IP: A parameter is dead upon entry to a method but overwritten (IP_PARAMETER_IS_DEAD_BUT_OVERWRITTEN)

FindMaskedFields

This detector looks for class level fields that are masked by local fields defined in methods.

• MF: Class defines field that masks a superclass field (MF_CLASS_MASKS_FIELD)

• MF: Method defines a variable that obscures a field (MF_METHOD_MASKS_FIELD)

WrongMapIterator

This detector looks for accessing the value of a Map entry, using a key that was retrieved from a keySet iterator.

• WMI: Inefficient use of keySet iterator instead of entrySet iterator (WMI_WRONG_MAP_ITERATOR)

InstantiateStaticClass

This detector looks for code that creates objects based on classes that only define static methods.

• ISC: Needless instantiation of class that only supplies static methods (ISC_INSTANTIATE_STATIC_CLASS)

RuntimeExceptionCapture

This detector looks for catch clauses that catch Exception, when no code in the block throws Exception.

• REC: Exception is caught when Exception is not thrown (REC_CATCH_EXCEPTION)

DontCatchNullPointerException

Nullpointer exceptions should not be caught.

• DCN: NullPointerException caught (DCN_NULLPOINTER_EXCEPTION)

FindFloatEquality

Looks for floating point equality expressions. A fast detector.

• FE: Test for floating point equality (FE_FLOATING_POINT_EQUALITY)

• FE: Doomed test for equality to NaN (FE_TEST_IF_EQUAL_TO_NOT_A_NUMBER)

FindUnsatisfiedObligation

This detector looks for I/O streams and database resources that are not cleaned up on all paths out of a method. This is a slow detector.

• OBL: Method may fail to clean up stream or resource (OBL_UNSATISFIED_OBLIGATION)

• OBL: Method may fail to clean up stream or resource on checked exception (OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE)

UnnecessaryMath

This detector looks for code that calls java.lang.Math static methods on constant values, where the resultant value is a statically known constant. It is faster, and sometimes more accurate, to use the constant instead.

• UM: Method calls static Math class method on a constant value (UM_UNNECESSARY_MATH)

RedundantInterfaces

This detector looks for classes that declare they implement the same interface as a super class. This is redundant, if a superclass implements an interface, so does the subclass.

• RI: Class implements same interface as superclass (RI_REDUNDANT_INTERFACES)

MultithreadedInstanceAccess

This detector looks for potential problems in implementing the Struts framework.

• MTIA: Class extends Servlet class and uses instance variables (MTIA_SUSPECT_SERVLET_INSTANCE_FIELD)

• MTIA: Class extends Struts Action class and uses instance variables (MTIA_SUSPECT_STRUTS_INSTANCE_FIELD)

BadUseOfReturnValue

Looks for cases where the return value of a function is discarded after being checked for non-null.

• RV: Method checks to see if result of String.indexOf is positive (RV_CHECK_FOR_POSITIVE_INDEXOF)

• RV: Method discards result of readLine after checking if it is non-null (RV_DONT_JUST_NULL_CHECK_READLINE)

MethodReturnCheck

This detector looks for calls to methods where the return value is suspiciously ignored.

• RV: Code checks for specific values returned by compareTo (RV_CHECK_COMPARETO_FOR_SPECIFIC_RETURN_VALUE)

• RV: Exception created and dropped rather than thrown (RV_EXCEPTION_NOT_THROWN)

• RV: Method ignores return value (RV_RETURN_VALUE_IGNORED)

• RV: Method ignores exceptional return value (RV_RETURN_VALUE_IGNORED_BAD_PRACTICE)

• RV: Method ignores return value, is this OK? (RV_RETURN_VALUE_IGNORED_INFERRED)

• RV: Return value of method without side effect is ignored (RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT)

• UC: Useless non-empty void method (UC_USELESS_VOID_METHOD)

IDivResultCastToDouble

This detector looks for places where the result of integer division is cast to double. Often, what was meant was to cast the integer operands to double and then perform the division.

• ICAST: Integral division result cast to double or float (ICAST_IDIV_CAST_TO_DOUBLE)

• ICAST: Integral value cast to double and then passed to Math.ceil (ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL)

• ICAST: int value cast to float and then passed to Math.round (ICAST_INT_CAST_TO_FLOAT_PASSED_TO_ROUND)

FindBadCast2

This detector looks for bad casts of object references using data flow analysis.

• BC: Questionable cast to abstract collection (BC_BAD_CAST_TO_ABSTRACT_COLLECTION)

• BC: Questionable cast to concrete collection (BC_BAD_CAST_TO_CONCRETE_COLLECTION)

• BC: Impossible cast (BC_IMPOSSIBLE_CAST)

• BC: Impossible downcast (BC_IMPOSSIBLE_DOWNCAST)

• BC: Impossible downcast of toArray() result (BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY)

• BC: instanceof will always return false (BC_IMPOSSIBLE_INSTANCEOF)

• BC: Unchecked/unconfirmed cast (BC_UNCONFIRMED_CAST)

• BC: Unchecked/unconfirmed cast of return value from method (BC_UNCONFIRMED_CAST_OF_RETURN_VALUE)

• BC: instanceof will always return true (BC_VACUOUS_INSTANCEOF)

• NP: A known null value is checked to see if it is an instance of a type (NP_NULL_INSTANCEOF)

FindUseOfNonSerializableValue

This detector looks for uses of non Serializable objects in contexts that require them to be serializable.

• DMI: Non serializable object written to ObjectOutput (DMI_NONSERIALIZABLE_OBJECT_WRITTEN)

• J2EE: Store of non serializable object into HttpSession (J2EE_STORE_OF_NON_SERIALIZABLE_OBJECT_INTO_SESSION)

BadSyntaxForRegularExpression

This detector looks for regular expressions that have invalid syntax.

• RE: Invalid syntax for regular expression (RE_BAD_SYNTAX_FOR_REGULAR_EXPRESSION)

• RE: File.separator used for regular expression (RE_CANT_USE_FILE_SEPARATOR_AS_REGULAR_EXPRESSION)

• RE: “.” or “|” used for regular expression (RE_POSSIBLE_UNINTENDED_PATTERN)

VarArgsProblems

Looks for problems with arising from Java 5 varargs.

• VA: Primitive array passed to function expecting a variable number of object arguments (VA_PRIMITIVE_ARRAY_PASSED_TO_OBJECT_VARARG)

FindPuzzlers

This detector looks for miscellaneous small errors mentioned by Joshua Bloch and Neal Gafter in their work on Programming Puzzlers.

• BSHIFT: Possible bad parsing of shift operation (BSHIFT_WRONG_ADD_PRIORITY)

• Bx: Primitive value is boxed and then immediately unboxed (BX_BOXING_IMMEDIATELY_UNBOXED)

• Bx: Primitive value is boxed then unboxed to perform primitive coercion (BX_BOXING_IMMEDIATELY_UNBOXED_TO_PERFORM_COERCION)

• Bx: Primitive value is unboxed and coerced for ternary operator (BX_UNBOXED_AND_COERCED_FOR_TERNARY_OPERATOR)

• Bx: Boxed value is unboxed and then immediately reboxed (BX_UNBOXING_IMMEDIATELY_REBOXED)

• DLS: Useless assignment in return statement (DLS_DEAD_LOCAL_STORE_IN_RETURN)

• DLS: Overwritten increment (DLS_OVERWRITTEN_INCREMENT)

• DMI: Bad constant value for month (DMI_BAD_MONTH)

• DMI: Adding elements of an entry set may fail due to reuse of Entry objects (DMI_ENTRY_SETS_MAY_REUSE_ENTRY_OBJECTS)

• DMI: Invocation of hashCode on an array (DMI_INVOKING_HASHCODE_ON_ARRAY)

• USELESS_STRING: Invocation of toString on an unnamed array (DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY)

• USELESS_STRING: Invocation of toString on an array (DMI_INVOKING_TOSTRING_ON_ARRAY)

• EC: Invocation of equals() on an array, which is equivalent to == (EC_BAD_ARRAY_COMPARE)

• BSHIFT: 32 bit int shifted by an amount not in the range -31..31 (ICAST_BAD_SHIFT_AMOUNT)

• ICAST: Result of integer multiplication cast to long (ICAST_INTEGER_MULTIPLY_CAST_TO_LONG)

• BSHIFT: Unsigned right shift cast to short/byte (ICAST_QUESTIONABLE_UNSIGNED_RIGHT_SHIFT)

• IC: Superclass uses subclass during initialization (IC_SUPERCLASS_USES_SUBCLASS_DURING_INITIALIZATION)

• IJU: JUnit assertion in run method will not be noticed by JUnit (IJU_ASSERT_METHOD_INVOKED_FROM_RUN_METHOD)

• IM: Computation of average could overflow (IM_AVERAGE_COMPUTATION_COULD_OVERFLOW)

• IM: Check for oddness that won’t work for negative numbers (IM_BAD_CHECK_FOR_ODD)

• IM: Integer multiply of result of integer remainder (IM_MULTIPLYING_RESULT_OF_IREM)

• PZ: Don’t reuse entry objects in iterators (PZ_DONT_REUSE_ENTRY_OBJECTS_IN_ITERATORS)

• RV: Negating the result of compareTo()/compare() (RV_NEGATING_RESULT_OF_COMPARETO)

IntCast2LongAsInstant

Finds uses of 32-bit values to describe milliseconds since the epoch.

• ICAST: int value converted to long and used as absolute time (ICAST_INT_2_LONG_AS_INSTANT)

FindSleepWithLockHeld

This detector looks for calls to Thread.sleep() made with a lock held. It is a slow detector.

• SWL: Method calls Thread.sleep() with a lock held (SWL_SLEEP_WITH_LOCK_HELD)

DuplicateBranches

This detector looks for if/else or switch statements that have the same code for two branches, thus rendering the test useless. This often is caused by copying and pasting the two branches, causing incorrect logic for the one branch.

• DB: Method uses the same code for two branches (DB_DUPLICATE_BRANCHES)

• DB: Method uses the same code for two switch clauses (DB_DUPLICATE_SWITCH_CLAUSES)

XMLFactoryBypass

This detector looks for direct allocations of implementations of XML interfaces. This ties the code to a specific implementation, rather than using the supplied factory pattern to create these objects.

• XFB: Method directly allocates a specific implementation of xml interfaces (XFB_XML_FACTORY_BYPASS)

ConfusedInheritance

This detector looks for final classes that declare protected members. As this class cannot be derived from, the use of protected access for members is incorrect. The access should be changed to public or private to represent the correct intention of the field. This was probably caused by a change in use for this class, without completely changing all of the class to the new paradigm.

• CI: Class is final but declares protected field (CI_CONFUSED_INHERITANCE)

QuestionableBooleanAssignment

This detector looks for simple assignments of literal boolean values to variables in conditional expressions.

• QBA: Method assigns boolean literal in boolean expression (QBA_QUESTIONABLE_BOOLEAN_ASSIGNMENT)

AppendingToAnObjectOutputStream

Looks for an attempt to append to an object output stream.

• IO: Doomed attempt to append to an object output stream (IO_APPENDING_TO_OBJECT_OUTPUT_STREAM)

StaticCalendarDetector

This detector warns about static fields of type java.util.Calendar or java.text.DateFormat (and subclasses) because Calendars are inherently unsafe for multithreaded use.

• STCAL: Call to static Calendar (STCAL_INVOKE_ON_STATIC_CALENDAR_INSTANCE)

• STCAL: Call to static DateFormat (STCAL_INVOKE_ON_STATIC_DATE_FORMAT_INSTANCE)

• STCAL: Static Calendar field (STCAL_STATIC_CALENDAR_INSTANCE)

• STCAL: Static DateFormat (STCAL_STATIC_SIMPLE_DATE_FORMAT_INSTANCE)

CheckTypeQualifiers

Check for violations of properties specified by JSR-305 type qualifier annotations.

• TQ: Value annotated as carrying a type qualifier used where a value that must not carry that qualifier is required (TQ_ALWAYS_VALUE_USED_WHERE_NEVER_REQUIRED)

• TQ: Comparing values with incompatible type qualifiers (TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS)

• TQ: Value required to have type qualifier, but marked as unknown (TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_ALWAYS_SINK)

• TQ: Value required to not have type qualifier, but marked as unknown (TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_NEVER_SINK)

• TQ: Value that might not carry a type qualifier is always used in a way requires that type qualifier (TQ_MAYBE_SOURCE_VALUE_REACHES_ALWAYS_SINK)

• TQ: Value that might carry a type qualifier is always used in a way prohibits it from having that type qualifier (TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK)

• TQ: Value annotated as never carrying a type qualifier used where value carrying that qualifier is required (TQ_NEVER_VALUE_USED_WHERE_ALWAYS_REQUIRED)

• TQ: Value without a type qualifier used where a value is required to have that qualifier (TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED)

CrossSiteScripting

This detector looks for obvious/blatant cases of cross site scripting vulnerabilities.

• HRS: HTTP cookie formed from untrusted input (HRS_REQUEST_PARAMETER_TO_COOKIE)

• HRS: HTTP Response splitting vulnerability (HRS_REQUEST_PARAMETER_TO_HTTP_HEADER)

• PT: Absolute path traversal in servlet (PT_ABSOLUTE_PATH_TRAVERSAL)

• PT: Relative path traversal in servlet (PT_RELATIVE_PATH_TRAVERSAL)

• XSS: JSP reflected cross site scripting vulnerability (XSS_REQUEST_PARAMETER_TO_JSP_WRITER)

• XSS: Servlet reflected cross site scripting vulnerability in error page (XSS_REQUEST_PARAMETER_TO_SEND_ERROR)

• XSS: Servlet reflected cross site scripting vulnerability (XSS_REQUEST_PARAMETER_TO_SERVLET_WRITER)

DontIgnoreResultOfPutIfAbsent

Checks that if the result of putIfAbsent is ignored, the value passed as the second argument is not reused.

• RV: Return value of putIfAbsent ignored, value passed to putIfAbsent reused (RV_RETURN_VALUE_OF_PUTIFABSENT_IGNORED)

ReadOfInstanceFieldInMethodInvokedByConstructorInSuperclass

Checks for methods invoked from constructors for superclasses.

• UR: Uninitialized read of field method called from constructor of superclass (UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR)

AtomicityProblem

Finds sequences of operations (e.g., get/put) on a concurrent abstraction that will not be executed atomically.

• AT: Sequence of calls to concurrent abstraction may not be atomic (AT_OPERATION_SEQUENCE_ON_CONCURRENT_ABSTRACTION)

DefaultEncodingDetector

Checks for calls to methods which perform a byte to String (or String to byte) conversion using the user’s default platform encoding. This can cause the application behavior to vary between platforms.

• Dm: Reliance on default encoding (DM_DEFAULT_ENCODING)

CheckRelaxingNullnessAnnotation

Checks that overriding methods do not relax @Nonnull (made @CheckForNull) on return values or @CheckForNull (made @Nonnull) on parameters.

• NP: Method tightens nullness annotation on parameter (NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION)

• NP: Method relaxes nullness annotation on return value (NP_METHOD_RETURN_RELAXING_ANNOTATION)

DontAssertInstanceofInTests

Detector for patterns in JUnit tests where the type of an object is checked by asserting the instanceof operator.

This should be avoided as the ClassCastException that would result from an improper cast may provide more information regarding the cause of the error than a “false is not true” message which would result from asserting the result of the instanceof operator.

It is a fast detector

• JUA: Asserting value of instanceof in tests is not recommended. (JUA_DONT_ASSERT_INSTANCEOF_IN_TESTS)

FindBadEndOfStreamCheck

Detector for patterns where the return value of java.io.FileInputStream.read() or java.io.FileReader.read() is converted before checking against -1.

Both methods return an int. If this int is converted to byte (in the case of FileInputStream.read()) then -1 and the byte 0xFF become indistinguishable. If it is converted to char (in the case of FileReader.read()) then -1 becomes 0xFFFF which is Character.MAX_VALUE since characters are unsigned in Java.

• EOS: Data read is converted before comparison to -1 (EOS_BAD_END_OF_STREAM_CHECK)

ReflectionIncreaseAccessibility

Detector for public methods instantiating a class they get in their parameter.

An attacker may invoke this method with a class that has no public constructor.

• REFLC: Public method uses reflection to create a class it gets in its parameter which could increase the accessibility of any class (REFLC_REFLECTION_MAY_INCREASE_ACCESSIBILITY_OF_CLASS)

• REFLF: Public method uses reflection to modify a field it gets in its parameter which could increase the accessibility of any class (REFLF_REFLECTION_MAY_INCREASE_ACCESSIBILITY_OF_FIELD)

FindOverridableMethodCall

Detector for patterns where a constructor, a clone(), or a readObject() method calls an overridable method.

Calling an overridable method from a constructor may result in the use of uninitialized data. Calling such method from a clone(), or readObject() method is insecure.

• MC: An overridable method is called from the clone() method. (MC_OVERRIDABLE_METHOD_CALL_IN_CLONE)

• MC: An overridable method is called from a constructor (MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR)

• MC: An overridable method is called from the readObject method. (MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT)

ConstructorThrow

Finds constructors that throw exceptions.

• CT: Be wary of letting constructors throw exceptions. (CT_CONSTRUCTOR_THROW)

FindInstanceLockOnSharedStaticData

Detector for patterns where a shared static data is modified by either an instance level non-static synchronized method, or inside a synchronized block, which used a non-static lock object.

Programs must not use instance locks to protect static shared data because instance locks are ineffective when two or more instances of the class are created. Consequently, failure to use a static lock object leaves the shared state unprotected against concurrent access.

• SSD: Instance level lock was used on a shared static data (SSD_DO_NOT_USE_INSTANCE_LOCK_ON_SHARED_STATIC_DATA)

DontUseFloatsAsLoopCounters

Checks for floats in loop counters.

• FL: Do not use floating-point variables as loop counters (FL_FLOATS_AS_LOOP_COUNTERS)

PermissionsSuper

Checks method getPermissions() of classes implementing interface java.security.SecureClassLoader. The methods must always call super.getPermissions() to get the initial value of the object which they return at the end.

• PERM: Custom class loader does not call its superclass’s getPermissions() (PERM_SUPER_NOT_CALLED_IN_GETPERMISSIONS)

FindPotentialSecurityCheckBasedOnUntrustedSource

Looks for potential security checks on an untrusted source before entering a doPrivileged block.

• USC: Potential security check based on untrusted source. (USC_POTENTIAL_SECURITY_CHECK_BASED_ON_UNTRUSTED_SOURCE)

FindAssertionsWithSideEffects

Finds assertions with side effects.

• ASE: Expression in assertion may produce a side effect (ASE_ASSERTION_WITH_SIDE_EFFECT)

• ASE: Method invoked in assertion may produce a side effect (ASE_ASSERTION_WITH_SIDE_EFFECT_METHOD)

FindPublicAttributes

This detector looks for public attributes that are also written by the methods of the class.

• PA: Array-type field is public (PA_PUBLIC_ARRAY_ATTRIBUTE)

• PA: Mutable object-type field is public (PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE)

• PA: Primitive field is public (PA_PUBLIC_PRIMITIVE_ATTRIBUTE)

FindVulnerableSecurityCheckMethods

Methods that perform security checks should be prevented from being overridden, so they must be declared as private or final. Otherwise, these methods can be compromised when a malicious subclass overrides them and omits the checks.

• VSC: Non-Private and non-final security check methods are vulnerable (VSC_VULNERABLE_SECURITY_CHECK_METHODS)

FindArgumentAssertions

Finds assertions that validate public method arguments.

• AA: Assertion is used to validate an argument of a public method (AA_ASSERTION_OF_ARGUMENTS)

UnnecessaryEnvUsage

Checks for calls of System.getenv(), where the variable has an equivalent Java property too.

• ENV: It is preferable to use portable Java property instead of environment variable. (ENV_USE_PROPERTY_INSTEAD_OF_ENV)

MultipleInstantiationsOfSingletons

This detector looks for violations of the idioms for writing classes using singleton design pattern.

• SING: Instance-getter method of class using singleton design pattern is not synchronized. (SING_SINGLETON_GETTER_NOT_SYNCHRONIZED)

• SING: Class using singleton design pattern has non-private constructor. (SING_SINGLETON_HAS_NONPRIVATE_CONSTRUCTOR)

• SING: Class using singleton design pattern directly implements Cloneable interface. (SING_SINGLETON_IMPLEMENTS_CLONEABLE)

• SING: Class using singleton design pattern implements clone() method without being an unconditional CloneNotSupportedException-thrower. (SING_SINGLETON_IMPLEMENTS_CLONE_METHOD)

• SING: Class using singleton design pattern directly or indirectly implements Serializable interface. (SING_SINGLETON_IMPLEMENTS_SERIALIZABLE)

• SING: Class using singleton design pattern indirectly implements Cloneable interface. (SING_SINGLETON_INDIRECTLY_IMPLEMENTS_CLONEABLE)