SpotBugs Bug Detector Report | wcm.io

The following document contains the results of SpotBugs

SpotBugs Version is 4.5.3

Threshold is medium

Effort is default

Summary

Classes	Bugs	Errors	Missing Classes
8	7	0	1

Files

Class	Bugs
io.wcm.maven.plugins.jsondlgcnv.ConversionMojo	4
io.wcm.maven.plugins.jsondlgcnv.DialogConverter	2
io.wcm.maven.plugins.jsondlgcnv.HelpMojo	1

io.wcm.maven.plugins.jsondlgcnv.ConversionMojo

Bug	Category	Details	Line	Priority
This API (java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V) reads a file whose location might be specified by user input	SECURITY	PATH_TRAVERSAL_IN	130	Medium
Exceptional return value of java.io.File.mkdir() ignored in io.wcm.maven.plugins.jsondlgcnv.ConversionMojo.getDialogConversionContentDir()	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	120	Medium
Exceptional return value of java.io.File.mkdirs() ignored in io.wcm.maven.plugins.jsondlgcnv.ConversionMojo.getDialogConversionContentDir()	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	133	Medium
Exceptional return value of java.io.File.mkdirs() ignored in io.wcm.maven.plugins.jsondlgcnv.ConversionMojo.initialize()	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	115	Medium

io.wcm.maven.plugins.jsondlgcnv.DialogConverter

Bug	Category	Details	Line	Priority
Possible null pointer dereference in new io.wcm.maven.plugins.jsondlgcnv.DialogConverter(SlingContext, String, Log) due to return value of called method	STYLE	NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE	86	Medium
Possible null pointer dereference in io.wcm.maven.plugins.jsondlgcnv.DialogConverter.checkRuleMatch(Resource, boolean) due to return value of called method	STYLE	NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE	123	Medium

io.wcm.maven.plugins.jsondlgcnv.HelpMojo

Bug	Category	Details	Line	Priority
The use of DocumentBuilder.parse(...) (DocumentBuilder) is vulnerable to XML External Entity attacks	SECURITY	XXE_DOCUMENT	76	Medium

Copyright ©2014-2022 wcm.io. All Rights Reserved.

Version: 1.0.1-SNAPSHOT. Last Published: 2022-01-18.