FindBugs Bug Detector Report

The following document contains the results of FindBugs Report

FindBugs Version is 1.3.9

Threshold is medium

Effort is min

Summary

ClassesBugsErrorsMissing Classes
5887200

Files

ClassBugs
liquibase.change.ChangeFactory$11
liquibase.change.ColumnConfig4
liquibase.change.core.LoadDataChange1
liquibase.changelog.ChangeSet1
liquibase.changelog.filter.ShouldRunChangeSetFilter1
liquibase.database.AbstractDatabase1
liquibase.database.DatabaseFactory$11
liquibase.database.core.DerbyDatabase1
liquibase.database.structure.Index1
liquibase.database.structure.View1
liquibase.dbdoc.ChangeLogWriter1
liquibase.dbdoc.HTMLListWriter1
liquibase.dbdoc.HTMLWriter1
liquibase.diff.DiffResult3
liquibase.exception.MigrationFailedException1
liquibase.integration.ant.BaseLiquibaseTask$LogRedirector1
liquibase.integration.commandline.CommandLineUtils3
liquibase.integration.commandline.Main2
liquibase.parser.core.formattedsql.FormattedSqlChangeLogParser1
liquibase.parser.core.xml.XMLChangeLogSAXHandler5
liquibase.precondition.CustomPreconditionWrapper1
liquibase.precondition.core.SqlPrecondition1
liquibase.resource.CompositeResourceAccessor1
liquibase.resource.FileSystemResourceAccessor1
liquibase.serializer.core.string.StringChangeLogSerializer3
liquibase.serializer.core.xml.XMLChangeLogSerializer1
liquibase.snapshot.jvm.JdbcDatabaseSnapshotGenerator3
liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator11
liquibase.snapshot.jvm.PostgresDatabaseSnapshotGenerator1
liquibase.sqlgenerator.SqlGeneratorComparator2
liquibase.statement.core.CommentStatement1
liquibase.statement.core.CreateIndexStatement1
liquibase.statement.core.SelectFromDatabaseChangeLogLockStatement1
liquibase.statement.core.SelectFromDatabaseChangeLogStatement2
liquibase.util.StringUtils1
liquibase.util.csv.CSVReader1
liquibase.util.csv.CSVWriter1
liquibase.util.csv.opencsv.bean.ColumnPositionMappingStrategy3
liquibase.util.file.FilenameUtils4

liquibase.change.ChangeFactory$1

BugCategoryDetailsLinePriority
Method liquibase.change.ChangeFactory$1.compare(Class, Class) invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) insteadPERFORMANCEDM_NUMBER_CTOR62Medium

liquibase.change.ColumnConfig

BugCategoryDetailsLinePriority
liquibase.change.ColumnConfig.getDefaultValueDate() may expose internal representation by returning ColumnConfig.defaultValueDateMALICIOUS_CODEEI_EXPOSE_REP235Medium
liquibase.change.ColumnConfig.getValueDate() may expose internal representation by returning ColumnConfig.valueDateMALICIOUS_CODEEI_EXPOSE_REP155Medium
liquibase.change.ColumnConfig.setDefaultValueDate(Date) may expose internal representation by storing an externally mutable object into ColumnConfig.defaultValueDateMALICIOUS_CODEEI_EXPOSE_REP2254Medium
liquibase.change.ColumnConfig.setValueDate(Date) may expose internal representation by storing an externally mutable object into ColumnConfig.valueDateMALICIOUS_CODEEI_EXPOSE_REP2159Medium

liquibase.change.core.LoadDataChange

BugCategoryDetailsLinePriority
Unchecked/unconfirmed cast from liquibase.change.ColumnConfig to liquibase.change.core.LoadDataColumnConfig in liquibase.change.core.LoadDataChange.addColumn(ColumnConfig)STYLEBC_UNCONFIRMED_CAST91Medium

liquibase.changelog.ChangeSet

BugCategoryDetailsLinePriority
Exception is caught when Exception is not thrown in liquibase.changelog.ChangeSet.execute(DatabaseChangeLog, Database)STYLEREC_CATCH_EXCEPTION351Medium

liquibase.changelog.filter.ShouldRunChangeSetFilter

BugCategoryDetailsLinePriority
Unread field: liquibase.changelog.filter.ShouldRunChangeSetFilter.databasePERFORMANCEURF_UNREAD_FIELD20Medium

liquibase.database.AbstractDatabase

BugCategoryDetailsLinePriority
Dead store to schemaName in liquibase.database.AbstractDatabase.escapeColumnName(String, String, String)STYLEDLS_DEAD_LOCAL_STORE857High

liquibase.database.DatabaseFactory$1

BugCategoryDetailsLinePriority
Method liquibase.database.DatabaseFactory$1.compare(Database, Database) invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) insteadPERFORMANCEDM_NUMBER_CTOR61Medium

liquibase.database.core.DerbyDatabase

BugCategoryDetailsLinePriority
Method liquibase.database.core.DerbyDatabase.getDateLiteral(String) concatenates strings using + in a loopPERFORMANCESBSC_USE_STRINGBUFFER_CONCATENATION90Medium

liquibase.database.structure.Index

BugCategoryDetailsLinePriority
Possible null pointer dereference of Index.unique on path that might be infeasible in liquibase.database.structure.Index.equals(Object)STYLENP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE119Medium

liquibase.database.structure.View

BugCategoryDetailsLinePriority
Method liquibase.database.structure.View.toString() concatenates strings using + in a loopPERFORMANCESBSC_USE_STRINGBUFFER_CONCATENATION90Medium

liquibase.dbdoc.ChangeLogWriter

BugCategoryDetailsLinePriority
liquibase.dbdoc.ChangeLogWriter.writeChangeLog(String, String) ignores exceptional return value of java.io.File.mkdirs()BAD_PRACTICERV_RETURN_VALUE_IGNORED_BAD_PRACTICE37Medium

liquibase.dbdoc.HTMLListWriter

BugCategoryDetailsLinePriority
new liquibase.dbdoc.HTMLListWriter(String, String, String, File) ignores exceptional return value of java.io.File.mkdir()BAD_PRACTICERV_RETURN_VALUE_IGNORED_BAD_PRACTICE19Medium

liquibase.dbdoc.HTMLWriter

BugCategoryDetailsLinePriority
new liquibase.dbdoc.HTMLWriter(File, Database) ignores exceptional return value of java.io.File.mkdirs()BAD_PRACTICERV_RETURN_VALUE_IGNORED_BAD_PRACTICE26Medium

liquibase.diff.DiffResult

BugCategoryDetailsLinePriority
Exception is caught when Exception is not thrown in liquibase.diff.DiffResult.addInsertDataChanges(List, String)STYLEREC_CATCH_EXCEPTION1143Medium
liquibase.diff.DiffResult.addInsertDataChanges(List, String) ignores exceptional return value of java.io.File.mkdirs()BAD_PRACTICERV_RETURN_VALUE_IGNORED_BAD_PRACTICE1038Medium
liquibase.diff.DiffResult.printChangeLog(String, Database, ChangeLogSerializer) ignores result of java.io.BufferedReader.skip(long)BAD_PRACTICESR_NOT_CHECKED470Medium

liquibase.exception.MigrationFailedException

BugCategoryDetailsLinePriority
Method liquibase.exception.MigrationFailedException.getMessage() concatenates strings using + in a loopPERFORMANCESBSC_USE_STRINGBUFFER_CONCATENATION37Medium

liquibase.integration.ant.BaseLiquibaseTask$LogRedirector

BugCategoryDetailsLinePriority
Dead store to logger in liquibase.integration.ant.BaseLiquibaseTask$LogRedirector.registerHandler(Handler)STYLEDLS_DEAD_LOCAL_STORE294Medium

liquibase.integration.commandline.CommandLineUtils

BugCategoryDetailsLinePriority
Method liquibase.integration.commandline.CommandLineUtils.createDatabaseObject(ClassLoader, String, String, String, String, String, String, String) may fail to clean up java.io.InputStreamEXPERIMENTALOBL_UNSATISFIED_OBLIGATION73Medium
liquibase.integration.commandline.CommandLineUtils.createDatabaseObject(ClassLoader, String, String, String, String, String, String, String) may fail to close streamBAD_PRACTICEOS_OPEN_STREAM73Medium
Exception is caught when Exception is not thrown in liquibase.integration.commandline.CommandLineUtils.createDatabaseObject(ClassLoader, String, String, String, String, String, String, String)STYLEREC_CATCH_EXCEPTION96Medium

liquibase.integration.commandline.Main

BugCategoryDetailsLinePriority
Exception is caught when Exception is not thrown in liquibase.integration.commandline.Main.parseOptions(String[])STYLEREC_CATCH_EXCEPTION449Medium
Exception is caught when Exception is not thrown in liquibase.integration.commandline.Main.parsePropertiesFile(InputStream)STYLEREC_CATCH_EXCEPTION274Medium

liquibase.parser.core.formattedsql.FormattedSqlChangeLogParser

BugCategoryDetailsLinePriority
Dereference of the result of readLine() without nullcheck in liquibase.parser.core.formattedsql.FormattedSqlChangeLogParser.supports(String, ResourceAccessor)STYLENP_DEREFERENCE_OF_READLINE_VALUE31Medium

liquibase.parser.core.xml.XMLChangeLogSAXHandler

BugCategoryDetailsLinePriority
Exception is caught when Exception is not thrown in liquibase.parser.core.xml.XMLChangeLogSAXHandler.endElement(String, String, String)STYLEREC_CATCH_EXCEPTION600Medium
Exception is caught when Exception is not thrown in liquibase.parser.core.xml.XMLChangeLogSAXHandler.startElement(String, String, String, Attributes)STYLEREC_CATCH_EXCEPTION434Medium
liquibase.parser.core.xml.XMLChangeLogSAXHandler.extractZipFile(URL) ignores exceptional return value of java.io.File.delete()BAD_PRACTICERV_RETURN_VALUE_IGNORED_BAD_PRACTICE704Medium
liquibase.parser.core.xml.XMLChangeLogSAXHandler.extractZipFile(URL) ignores exceptional return value of java.io.File.mkdir()BAD_PRACTICERV_RETURN_VALUE_IGNORED_BAD_PRACTICE705Medium
liquibase.parser.core.xml.XMLChangeLogSAXHandler.extractZipFile(URL) ignores exceptional return value of java.io.File.mkdirs()BAD_PRACTICERV_RETURN_VALUE_IGNORED_BAD_PRACTICE713Medium

liquibase.precondition.CustomPreconditionWrapper

BugCategoryDetailsLinePriority
Exception is caught when Exception is not thrown in liquibase.precondition.CustomPreconditionWrapper.check(Database, DatabaseChangeLog, ChangeSet)STYLEREC_CATCH_EXCEPTION71Medium

liquibase.precondition.core.SqlPrecondition

BugCategoryDetailsLinePriority
Dead store to connection in liquibase.precondition.core.SqlPrecondition.check(Database, DatabaseChangeLog, ChangeSet)STYLEDLS_DEAD_LOCAL_STORE50Medium

liquibase.resource.CompositeResourceAccessor

BugCategoryDetailsLinePriority
liquibase.resource.CompositeResourceAccessor.toClassLoader() creates a liquibase.resource.CompositeResourceAccessor$CompositeClassLoader classloader, which should be performed within a doPrivileged blockBAD_PRACTICEDP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED84Medium

liquibase.resource.FileSystemResourceAccessor

BugCategoryDetailsLinePriority
liquibase.resource.FileSystemResourceAccessor.toClassLoader() creates a java.net.URLClassLoader classloader, which should be performed within a doPrivileged blockBAD_PRACTICEDP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED99Medium

liquibase.serializer.core.string.StringChangeLogSerializer

BugCategoryDetailsLinePriority
Exception is caught when Exception is not thrown in liquibase.serializer.core.string.StringChangeLogSerializer.serializeObject(Object, int)STYLEREC_CATCH_EXCEPTION106Medium
Method liquibase.serializer.core.string.StringChangeLogSerializer.serializeObject(Collection, int) concatenates strings using + in a loopPERFORMANCESBSC_USE_STRINGBUFFER_CONCATENATION126Medium
Method liquibase.serializer.core.string.StringChangeLogSerializer.serializeObject(Map, int) concatenates strings using + in a loopPERFORMANCESBSC_USE_STRINGBUFFER_CONCATENATION143Medium

liquibase.serializer.core.xml.XMLChangeLogSerializer

BugCategoryDetailsLinePriority
Exception is caught when Exception is not thrown in liquibase.serializer.core.xml.XMLChangeLogSerializer.createNode(Change)STYLEREC_CATCH_EXCEPTION218Medium

liquibase.snapshot.jvm.JdbcDatabaseSnapshotGenerator

BugCategoryDetailsLinePriority
liquibase.snapshot.jvm.JdbcDatabaseSnapshotGenerator.getColumn(String, String, String, Database) might ignore java.sql.SQLExceptionBAD_PRACTICEDE_MIGHT_IGNORE177Medium
liquibase.snapshot.jvm.JdbcDatabaseSnapshotGenerator.getTable(String, String, Database) might ignore java.sql.SQLExceptionBAD_PRACTICEDE_MIGHT_IGNORE151Medium
Method liquibase.snapshot.jvm.JdbcDatabaseSnapshotGenerator.readIndexes(DatabaseSnapshot, String, DatabaseMetaData) passes a nonconstant String to an execute method on an SQL statementSECURITYSQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE721High

liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator

BugCategoryDetailsLinePriority
Load of known null value in liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.findIntegerColumns(DatabaseSnapshot, String)STYLENP_LOAD_OF_KNOWN_NULL_VALUE229Medium
Load of known null value in liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.getAdditionalForeignKeys(String, Database)STYLENP_LOAD_OF_KNOWN_NULL_VALUE281Medium
Load of known null value in liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.readColumns(DatabaseSnapshot, String, DatabaseMetaData)STYLENP_LOAD_OF_KNOWN_NULL_VALUE183Medium
Load of known null value in liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.readPrimaryKeys(DatabaseSnapshot, String, DatabaseMetaData)STYLENP_LOAD_OF_KNOWN_NULL_VALUE438Medium
Load of known null value in liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.readUniqueConstraints(DatabaseSnapshot, String, DatabaseMetaData)STYLENP_LOAD_OF_KNOWN_NULL_VALUE95Medium
Method liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.findIntegerColumns(DatabaseSnapshot, String) passes a nonconstant String to an execute method on an SQL statementSECURITYSQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE235High
Method liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.getAdditionalForeignKeys(String, Database) passes a nonconstant String to an execute method on an SQL statementSECURITYSQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE296High
Method liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.readColumns(DatabaseSnapshot, String, DatabaseMetaData) passes a nonconstant String to an execute method on an SQL statementSECURITYSQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE187High
Method liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.readIndexes(DatabaseSnapshot, String, DatabaseMetaData) passes a nonconstant String to an execute method on an SQL statementSECURITYSQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE339High
Method liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.readPrimaryKeys(DatabaseSnapshot, String, DatabaseMetaData) passes a nonconstant String to an execute method on an SQL statementSECURITYSQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE446High
A prepared statement is generated from a nonconstant String at liquibase.snapshot.jvm.OracleDatabaseSnapshotGenerator.readUniqueConstraints(DatabaseSnapshot, String, DatabaseMetaData) SECURITYSQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING100High

liquibase.snapshot.jvm.PostgresDatabaseSnapshotGenerator

BugCategoryDetailsLinePriority
A prepared statement is generated from a nonconstant String at liquibase.snapshot.jvm.PostgresDatabaseSnapshotGenerator.getColumnsForUniqueConstraint(Database, long, Array, UniqueConstraint) SECURITYSQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING123Medium

liquibase.sqlgenerator.SqlGeneratorComparator

BugCategoryDetailsLinePriority
Method liquibase.sqlgenerator.SqlGeneratorComparator.compare(SqlGenerator, SqlGenerator) invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) insteadPERFORMANCEDM_NUMBER_CTOR7Medium
liquibase.sqlgenerator.SqlGeneratorComparator implements Comparator but not SerializableBAD_PRACTICESE_COMPARATOR_SHOULD_BE_SERIALIZABLE5Medium

liquibase.statement.core.CommentStatement

BugCategoryDetailsLinePriority
Unread field: liquibase.statement.core.CommentStatement.MAX_LENGTH; should this field be static?PERFORMANCESS_SHOULD_BE_STATIC7Medium

liquibase.statement.core.CreateIndexStatement

BugCategoryDetailsLinePriority
liquibase.statement.core.CreateIndexStatement.getColumns() may expose internal representation by returning CreateIndexStatement.columnsMALICIOUS_CODEEI_EXPOSE_REP40Medium

liquibase.statement.core.SelectFromDatabaseChangeLogLockStatement

BugCategoryDetailsLinePriority
liquibase.statement.core.SelectFromDatabaseChangeLogLockStatement.getColumnsToSelect() may expose internal representation by returning SelectFromDatabaseChangeLogLockStatement.columnsToSelectMALICIOUS_CODEEI_EXPOSE_REP14Medium

liquibase.statement.core.SelectFromDatabaseChangeLogStatement

BugCategoryDetailsLinePriority
liquibase.statement.core.SelectFromDatabaseChangeLogStatement.getColumnsToSelect() may expose internal representation by returning SelectFromDatabaseChangeLogStatement.columnsToSelectMALICIOUS_CODEEI_EXPOSE_REP21Medium
liquibase.statement.core.SelectFromDatabaseChangeLogStatement.getOrderByColumns() may expose internal representation by returning SelectFromDatabaseChangeLogStatement.orderByColumnsMALICIOUS_CODEEI_EXPOSE_REP29Medium

liquibase.util.StringUtils

BugCategoryDetailsLinePriority
Method liquibase.util.StringUtils.repeat(String, int) concatenates strings using + in a loopPERFORMANCESBSC_USE_STRINGBUFFER_CONCATENATION125Medium

liquibase.util.csv.CSVReader

BugCategoryDetailsLinePriority
The class name liquibase.util.csv.CSVReader shadows the simple name of the superclass liquibase.util.csv.opencsv.CSVReaderBAD_PRACTICENM_SAME_SIMPLE_NAME_AS_SUPERCLASS7High

liquibase.util.csv.CSVWriter

BugCategoryDetailsLinePriority
The class name liquibase.util.csv.CSVWriter shadows the simple name of the superclass liquibase.util.csv.opencsv.CSVWriterBAD_PRACTICENM_SAME_SIMPLE_NAME_AS_SUPERCLASS12High

liquibase.util.csv.opencsv.bean.ColumnPositionMappingStrategy

BugCategoryDetailsLinePriority
liquibase.util.csv.opencsv.bean.ColumnPositionMappingStrategy.getColumnMapping() may expose internal representation by returning ColumnPositionMappingStrategy.columnMappingMALICIOUS_CODEEI_EXPOSE_REP33Medium
liquibase.util.csv.opencsv.bean.ColumnPositionMappingStrategy.setColumnMapping(String[]) may expose internal representation by storing an externally mutable object into ColumnPositionMappingStrategy.columnMappingMALICIOUS_CODEEI_EXPOSE_REP237Medium
liquibase.util.csv.opencsv.bean.ColumnPositionMappingStrategy.captureHeader(CSVReader) doesn't override method in superclass because parameter type liquibase.util.csv.CSVReader doesn't match superclass parameter type liquibase.util.csv.opencsv.CSVReaderCORRECTNESSNM_WRONG_PACKAGE25High

liquibase.util.file.FilenameUtils

BugCategoryDetailsLinePriority
Method liquibase.util.file.FilenameUtils.<static initializer>() uses the same code for two branchesSTYLEDB_DUPLICATE_BRANCHES127Medium
Method liquibase.util.file.FilenameUtils.<static initializer>() invokes inefficient new Character(char) constructor; use Character.valueOf(char) insteadPERFORMANCEDM_NUMBER_CTOR103Medium
Comparison of String parameter using == or != in liquibase.util.file.FilenameUtils.equals(String, String, boolean, IOCase) BAD_PRACTICEES_COMPARING_PARAMETER_STRING_WITH_EQ1002High
Repeated conditional test in liquibase.util.file.FilenameUtils.isSeparator(char)CORRECTNESSRpC_REPEATED_CONDITIONAL_TEST159High