The following document contains the results of SpotBugs
SpotBugs Version is 4.9.8
Threshold is medium
Effort is default
Summary
| Classes |
Bugs |
Errors |
Missing Classes |
| 183 |
14 |
0 |
0 |
| Bug |
Category |
Details |
Line |
Priority |
| io.wcm.handler.media.MediaComponentPropertyResolver.getMandatoryMediaFormatNames() may return null, but is declared @Nonnull |
CORRECTNESS |
NP_NONNULL_RETURN_VIOLATION |
195 |
High |
| io.wcm.handler.media.MediaComponentPropertyResolver.getMediaFormatNames() may return null, but is declared @Nonnull |
CORRECTNESS |
NP_NONNULL_RETURN_VIOLATION |
175 |
High |
| io.wcm.handler.media.MediaComponentPropertyResolver.getMediaFormatOptions() may return null, but is declared @Nonnull |
CORRECTNESS |
NP_NONNULL_RETURN_VIOLATION |
152 |
High |
| io.wcm.handler.media.MediaComponentPropertyResolver.getPictureSources() may return null, but is declared @Nonnull |
CORRECTNESS |
NP_NONNULL_RETURN_VIOLATION |
226 |
High |
| Bug |
Category |
Details |
Line |
Priority |
| io.wcm.handler.media.impl.WidthUtils.parseWidths(String) may return null, but is declared @Nonnull |
CORRECTNESS |
NP_NONNULL_RETURN_VIOLATION |
70 |
High |
| The regular expression "(?<width>\\d+)(:(?<density>\\d+(\\.\\d+)?x))?(?<optional>\\?)?" is vulnerable to a denial of service attack (ReDOS) |
SECURITY |
REDOS |
45 |
Medium |
| The regular expression "^\\s*\\d+(:\\d+(\\.\\d+)?x)?\\??\\s*(,\\s*\\d+(:\\d+(\\.\\d+)?x)?\\??\\s*)*+$" is vulnerable to a denial of service attack (ReDOS) |
SECURITY |
REDOS |
51 |
Medium |
| Bug |
Category |
Details |
Line |
Priority |
| Null passed for non-null parameter of new org.apache.sling.api.resource.SyntheticResource(ResourceResolver, String, String) in io.wcm.handler.media.impl.ipeconfig.IPEConfigResourceProvider.buildAspectRatiosResource(ResourceResolver, String) |
CORRECTNESS |
NP_NONNULL_PARAM_VIOLATION |
166 |
High |
| Bug |
Category |
Details |
Line |
Priority |
| The regular expression "^.*/plugins/crop(/aspectRatios(/([^/]+))?)?$" is vulnerable to a denial of service attack (ReDOS) |
SECURITY |
REDOS |
46 |
Medium |
| The regular expression "^/wcmio:mediaHandler/ipeConfig((/[^/]+)+)/wcmio:mediaFormat((/[^/]+)+)/wcmio:config(/.*)?$" is vulnerable to a denial of service attack (ReDOS) |
SECURITY |
REDOS |
41 |
Medium |
| Bug |
Category |
Details |
Line |
Priority |
| Suppressing annotation UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD on the field io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse.assetMetadata is unnecessary |
STYLE |
US_USELESS_SUPPRESSION_ON_FIELD |
Not available |
Medium |
| Suppressing annotation UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD on the field io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse.repositoryMetadata is unnecessary |
STYLE |
US_USELESS_SUPPRESSION_ON_FIELD |
Not available |
Medium |
| Bug |
Category |
Details |
Line |
Priority |
| Suppressing annotation UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD on the class io.wcm.handler.mediasource.ngdm.impl.metadata.MetadataResponse$SmartCrop is unnecessary |
STYLE |
US_USELESS_SUPPRESSION_ON_CLASS |
56 |
Medium |
wcm.io