diff --git a/data/aclang/misuses/1/misuse.yml b/data/aclang/misuses/1/misuse.yml index ef0239cf2..e7567b0fa 100644 --- a/data/aclang/misuses/1/misuse.yml +++ b/data/aclang/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > StrBuilder.getNullText() may return null. -location: +locations: file: org/apache/commons/lang/text/StrBuilder.java method: "appendFixedWidthPadLeft(Object, int, char)" fix: diff --git a/data/aclang/misuses/2/misuse.yml b/data/aclang/misuses/2/misuse.yml index a418153cf..7375a0084 100644 --- a/data/aclang/misuses/2/misuse.yml +++ b/data/aclang/misuses/2/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > StrBuilder.getNullText() may return null. -location: +locations: file: org/apache/commons/lang/text/StrBuilder.java method: "appendFixedWidthPadRight(Object, int, char)" fix: diff --git a/data/acmath/misuses/1/misuse.yml b/data/acmath/misuses/1/misuse.yml index 7c509a8c3..d3dc52883 100644 --- a/data/acmath/misuses/1/misuse.yml +++ b/data/acmath/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > SubLine.intersection() may return null. -location: +locations: file: org/apache/commons/math3/geometry/euclidean/threed/SubLine.java method: "intersection(SubLine, boolean)" fix: diff --git a/data/acmath/misuses/2/misuse.yml b/data/acmath/misuses/2/misuse.yml index 2d6e4856d..598ba96cb 100644 --- a/data/acmath/misuses/2/misuse.yml +++ b/data/acmath/misuses/2/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > SubLine.intersection() may return null. -location: +locations: file: org/apache/commons/math3/geometry/euclidean/twod/SubLine.java method: "intersection(SubLine, boolean)" fix: diff --git a/data/adempiere/misuses/1/misuse.yml b/data/adempiere/misuses/1/misuse.yml index 948f75b14..fabb0d623 100644 --- a/data/adempiere/misuses/1/misuse.yml +++ b/data/adempiere/misuses/1/misuse.yml @@ -7,7 +7,7 @@ crash: false description: > A string is converted to bytes without specifying an explicit encoding. The bytes are then passed to Cipher.doFinal(). The fix specifies the encoding "UTF-8". -location: +locations: file: org/compiere/util/Secure.java method: encrypt(String) fix: diff --git a/data/adempiere/misuses/2/misuse.yml b/data/adempiere/misuses/2/misuse.yml index e4ba8313e..870682974 100644 --- a/data/adempiere/misuses/2/misuse.yml +++ b/data/adempiere/misuses/2/misuse.yml @@ -7,7 +7,7 @@ crash: false description: > An encrypted message is decrypted and then converted back to a string, without specifying an explicit encoding. The fix specifies the encoding "UTF-8". -location: +locations: file: org/compiere/util/Secure.java method: decrypt(String) fix: diff --git a/data/alfresco-android-app/misuses/1/misuse.yml b/data/alfresco-android-app/misuses/1/misuse.yml index 0eb5a8b9b..56efd19e4 100644 --- a/data/alfresco-android-app/misuses/1/misuse.yml +++ b/data/alfresco-android-app/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses PBEWithMD5AndDES which is considered unsafe. -location: +locations: file: main/java/org/alfresco/mobile/android/platform/security/EncryptionUtils.java method: "generateKey(Context, int)" internal: true diff --git a/data/alibaba-druid/misuses/1/misuse.yml b/data/alibaba-druid/misuses/1/misuse.yml index 49832b0e9..aa85ba757 100644 --- a/data/alibaba-druid/misuses/1/misuse.yml +++ b/data/alibaba-druid/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > An instance of Cipher is used twice (the init() method is called again), which is an invalid operation. -location: +locations: file: com/alibaba/druid/filter/config/ConfigTools.java method: "decrypt(PublicKey, String)" fix: diff --git a/data/alibaba-druid/misuses/2/misuse.yml b/data/alibaba-druid/misuses/2/misuse.yml index 90ccf62ca..d48c6f0a0 100644 --- a/data/alibaba-druid/misuses/2/misuse.yml +++ b/data/alibaba-druid/misuses/2/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > A call to Cipher.init() may throw an InvalidKeyException. -location: +locations: file: com/alibaba/druid/filter/config/ConfigTools.java method: "encrypt(byte[], String)" fix: diff --git a/data/android-rcs-rcsjta/misuses/1/misuse.yml b/data/android-rcs-rcsjta/misuses/1/misuse.yml index 4020308e9..89dec47fe 100644 --- a/data/android-rcs-rcsjta/misuses/1/misuse.yml +++ b/data/android-rcs-rcsjta/misuses/1/misuse.yml @@ -7,7 +7,7 @@ violations: crash: false description: > Exports bytes for Mac.doFinal() without specifying the encoding. -location: +locations: file: com/orangelabs/rcs/core/ims/service/im/chat/ContributionIdGenerator.java method: getContributionId(String) fix: diff --git a/data/androiduil/misuses/1/misuse.yml b/data/androiduil/misuses/1/misuse.yml index 300ee3cf2..16a474d5c 100644 --- a/data/androiduil/misuses/1/misuse.yml +++ b/data/androiduil/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > Environment.getExternalStorageState() may throw NullPointerException. -location: +locations: file: com/nostra13/universalimageloader/utils/StorageUtils.java method: "getCacheDirectory(Context, boolean)" fix: diff --git a/data/apache-gora/misuses/56_1/misuse.yml b/data/apache-gora/misuses/56_1/misuse.yml index 7242da070..3fa5a7e00 100644 --- a/data/apache-gora/misuses/56_1/misuse.yml +++ b/data/apache-gora/misuses/56_1/misuse.yml @@ -11,7 +11,7 @@ fix: commit: https://github.com/apache/gora/commit/4f98503c014c359b6ab018f43920d454b0344160 revision: 4f98503c014c359b6ab018f43920d454b0344160 internal: false -location: +locations: file: org/apache/gora/accumulo/store/PartitionTest.java method: encl(long) report: https://github.com/apache/gora/pull/55 diff --git a/data/apache-gora/misuses/56_2/misuse.yml b/data/apache-gora/misuses/56_2/misuse.yml index 45a305b74..6a9aa055a 100644 --- a/data/apache-gora/misuses/56_2/misuse.yml +++ b/data/apache-gora/misuses/56_2/misuse.yml @@ -11,7 +11,7 @@ fix: commit: https://github.com/apache/gora/commit/4f98503c014c359b6ab018f43920d454b0344160 revision: 4f98503c014c359b6ab018f43920d454b0344160 internal: false -location: +locations: file: org/apache/gora/util/TestWritableUtils.java method: testWritesReads() report: https://github.com/apache/gora/pull/55 diff --git a/data/apdplat/misuses/1/misuse.yml b/data/apdplat/misuses/1/misuse.yml index d77fe514c..5d000ea1f 100644 --- a/data/apdplat/misuses/1/misuse.yml +++ b/data/apdplat/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DES which is unsafe. -location: +locations: file: org/apdplat/module/security/service/sequence/EncryptClassUtils.java method: "encrypt(String keyFile, String classFile, String newClassFile)" internal: false diff --git a/data/argouml/misuses/tikanga11-1/misuse.yml b/data/argouml/misuses/tikanga11-1/misuse.yml index 23a53217a..c842bf2cc 100644 --- a/data/argouml/misuses/tikanga11-1/misuse.yml +++ b/data/argouml/misuses/tikanga11-1/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > If the zargo file to be loaded contains no `.argo` file, this method will throw an exception at line 261. -location: +locations: file: org/argouml/persistence/ZargoFilePersister.java method: "loadFromZargo(File, ProgressMgr)" internal: true diff --git a/data/argouml/misuses/tikanga11-2/misuse.yml b/data/argouml/misuses/tikanga11-2/misuse.yml index 3571e5ada..e42842852 100644 --- a/data/argouml/misuses/tikanga11-2/misuse.yml +++ b/data/argouml/misuses/tikanga11-2/misuse.yml @@ -6,7 +6,7 @@ violations: crash: false description: > This method doesn't do what it should. Its last reference to `i2` should change to a reference to `i1`. -location: +locations: file: org/argouml/uml/util/PathComparator.java method: "comparePaths(Object, Object)" internal: false diff --git a/data/argouml/misuses/tikanga11-3/misuse.yml b/data/argouml/misuses/tikanga11-3/misuse.yml index b5608afdc..d3b89e989 100644 --- a/data/argouml/misuses/tikanga11-3/misuse.yml +++ b/data/argouml/misuses/tikanga11-3/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > If the zargo file to be loaded contains no `.argo` file, this method will throw an exception at line 218. -location: +locations: file: org/argouml/persistence/ZargoFilePersister.java method: "doLoad(File)" internal: false diff --git a/data/argouml/misuses/tikanga11-4/misuse.yml b/data/argouml/misuses/tikanga11-4/misuse.yml index 7ce7f4227..ba10c3a4e 100644 --- a/data/argouml/misuses/tikanga11-4/misuse.yml +++ b/data/argouml/misuses/tikanga11-4/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > If the zargo file to be loaded contains no `.xmi` file, this method will throw an exception at line 274. -location: +locations: file: org/argouml/persistence/ZargoFilePersister.java method: "loadFromZargo(File, ProgressMgr)" internal: true diff --git a/data/aspectj/misuses/1/misuse.yml b/data/aspectj/misuses/1/misuse.yml index 321ea3e8c..906f12d24 100644 --- a/data/aspectj/misuses/1/misuse.yml +++ b/data/aspectj/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: false description: > Iterator.next() is not preceded by a Iterator.hasNext() -location: +locations: file: org/aspectj/weaver/patterns/PointcutRewriter.java method: "simplifyAnd(AndPointcut apc)" fix: diff --git a/data/aspectj/misuses/2/misuse.yml b/data/aspectj/misuses/2/misuse.yml index d7bb73a06..779005a84 100644 --- a/data/aspectj/misuses/2/misuse.yml +++ b/data/aspectj/misuses/2/misuse.yml @@ -5,7 +5,7 @@ violations: crash: false description: > The last for loop in the method checks iter.hasNext(), but increases iter2.next() -location: +locations: file: org/aspectj/weaver/bcel/BcelClassWeaver.java method: "weaveAtFieldRepeatedly(List decaFs, List itdFields,List reportedErrors)" fix: diff --git a/data/aspectj/misuses/3/misuse.yml b/data/aspectj/misuses/3/misuse.yml index 11e20f2bb..8df8f3be6 100644 --- a/data/aspectj/misuses/3/misuse.yml +++ b/data/aspectj/misuses/3/misuse.yml @@ -8,7 +8,7 @@ The last for loop in the method checks iter.hasNext(), but increases iter2.next() -location: +locations: file: org/aspectj/weaver/bcel/BcelClassWeaver.java method: "weaveAtMethodOnITDSRepeatedly(List decaMCs, List itdMethodsCtors,List reportedErrors)" fix: diff --git a/data/aspectj/misuses/4/misuse.yml b/data/aspectj/misuses/4/misuse.yml index 36d00bb99..d9d0f1d02 100644 --- a/data/aspectj/misuses/4/misuse.yml +++ b/data/aspectj/misuses/4/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > The verifyNoInheritedAlternateParameterization method in org.aspectj.weaver.patterns.DeclareParents class only checks one superclass of any given class instead of checking all of them. -location: +locations: file: org/aspectj/weaver/patterns/DeclareParents.java method: "verifyNoInheritedAlternateParameterization(ResolvedType typeToVerify,ResolvedType newParent,World world)" fix: diff --git a/data/asterisk-java/misuses/194/misuse.yml b/data/asterisk-java/misuses/194/misuse.yml index 1f9b804ed..463d745b0 100644 --- a/data/asterisk-java/misuses/194/misuse.yml +++ b/data/asterisk-java/misuses/194/misuse.yml @@ -11,7 +11,7 @@ fix: commit: https://github.com/emopers/asterisk-java/commit/41461b41309bf9f027a46f178cb777a1a94b8c3f revision: 41461b41309bf9f027a46f178cb777a1a94b8c3f internal: false -location: +locations: file: org/asteriskjava/manager/event/RtcpReceivedEvent.java method: setPt(String) report: https://github.com/asterisk-java/asterisk-java/pull/132 diff --git a/data/asterisk-java/misuses/81/misuse.yml b/data/asterisk-java/misuses/81/misuse.yml index b2b5a25bf..edeb74115 100644 --- a/data/asterisk-java/misuses/81/misuse.yml +++ b/data/asterisk-java/misuses/81/misuse.yml @@ -10,7 +10,7 @@ fix: commit: https://github.com/emopers/asterisk-java/commit/304421c261da68df03ad2fb96683241c8df12c0a revision: 304421c261da68df03ad2fb96683241c8df12c0a internal: false -location: +locations: file: org/asteriskjava/manager/event/AsyncAgiEvent.java method: decode(String) report: https://github.com/asterisk-java/asterisk-java/pull/85 diff --git a/data/asterisk-java/misuses/dmmc-8/misuse.yml b/data/asterisk-java/misuses/dmmc-8/misuse.yml index e3cde7d20..9bcbed4a4 100644 --- a/data/asterisk-java/misuses/dmmc-8/misuse.yml +++ b/data/asterisk-java/misuses/dmmc-8/misuse.yml @@ -8,7 +8,7 @@ description: | In line 323 the `value` is cast to `List` and its `i`s element is accessed without prior check that such an element exists. internal: false -location: +locations: file: org/asteriskjava/manager/internal/EventBuilderImpl.java method: buildEvent(Object, Map) line: 323 diff --git a/data/asterisk-java/misuses/dmmc-9/misuse.yml b/data/asterisk-java/misuses/dmmc-9/misuse.yml index 2eb6e47b1..34c84e3c5 100644 --- a/data/asterisk-java/misuses/dmmc-9/misuse.yml +++ b/data/asterisk-java/misuses/dmmc-9/misuse.yml @@ -9,7 +9,7 @@ description: | without prior check that there is such an element. In fact, the check in line 403 suggests that `getChildEvents()` might even return `null`. internal: false -location: +locations: file: org/asteriskjava/manager/internal/EventBuilderImpl.java method: buildEvent(Object, Map) line: 410 diff --git a/data/battleforge/misuses/1/misuse.yml b/data/battleforge/misuses/1/misuse.yml index ad0098ab3..88a136cd3 100644 --- a/data/battleforge/misuses/1/misuse.yml +++ b/data/battleforge/misuses/1/misuse.yml @@ -7,7 +7,7 @@ crash: false description: > Encoded data is converted into a String for storing, without explicitely specifying an encoding. The fix introduces base64 encoding. -location: +locations: file: de/battleforge/util/BFProperties.java method: "setProperty(BFProps, String, boolean)" fix: diff --git a/data/battleforge/misuses/2/misuse.yml b/data/battleforge/misuses/2/misuse.yml index 0283f1816..c21c92528 100644 --- a/data/battleforge/misuses/2/misuse.yml +++ b/data/battleforge/misuses/2/misuse.yml @@ -6,7 +6,7 @@ violations: crash: false description: > Text is converted to bytes for encoding without an explicit encoding. -location: +locations: file: de/battleforge/util/BFProperties.java method: "setProperty(BFProps, String, boolean)" internal: false diff --git a/data/battleforge/misuses/3/misuse.yml b/data/battleforge/misuses/3/misuse.yml index 89dd20999..2883e3768 100644 --- a/data/battleforge/misuses/3/misuse.yml +++ b/data/battleforge/misuses/3/misuse.yml @@ -7,7 +7,7 @@ crash: false description: > Encoded data is retrieved from a string (from storage) without explicitely specifying an encoding. The fix introduces base64 decoding. -location: +locations: file: de/battleforge/util/BFProperties.java method: getProperty(BFProps) fix: diff --git a/data/battleforge/misuses/4/misuse.yml b/data/battleforge/misuses/4/misuse.yml index 250c42b9c..c51be7d4d 100644 --- a/data/battleforge/misuses/4/misuse.yml +++ b/data/battleforge/misuses/4/misuse.yml @@ -6,7 +6,7 @@ violations: crash: false description: > Decoded data is converted to String without explicitly specifying an encoding. -location: +locations: file: de/battleforge/util/BFProperties.java method: getProperty(BFProps) internal: false diff --git a/data/bcel/misuses/101/misuse.yml b/data/bcel/misuses/101/misuse.yml index c62be8805..b4699c1a0 100644 --- a/data/bcel/misuses/101/misuse.yml +++ b/data/bcel/misuses/101/misuse.yml @@ -10,7 +10,7 @@ fix: commit: https://github.com/apache/commons-bcel/commit/6296aa33e01e33c81811f0853251c539cdbd61ad revision: 6296aa33e01e33c81811f0853251c539cdbd61ad internal: false -location: +locations: file: org/apache/commons/bcel6/generic/InstructionList.java method: getByteCode() report: https://github.com/apache/commons-bcel/pull/3 diff --git a/data/calligraphy/misuses/1/misuse.yml b/data/calligraphy/misuses/1/misuse.yml index 3d98d70ad..1e5b46b18 100644 --- a/data/calligraphy/misuses/1/misuse.yml +++ b/data/calligraphy/misuses/1/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Context.obtainStyledAttributes().getString() may throw on some platforms. -location: +locations: file: uk/co/chrisjenx/calligraphy/CalligraphyUtils.java method: "pullFontPathFromStyle(Context, AttributeSet, int)" fix: diff --git a/data/calligraphy/misuses/2/misuse.yml b/data/calligraphy/misuses/2/misuse.yml index 43f7f34c3..a07bf8df2 100644 --- a/data/calligraphy/misuses/2/misuse.yml +++ b/data/calligraphy/misuses/2/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Theme.obtainStyledAttributes().getString() may throw on some platforms. -location: +locations: file: uk/co/chrisjenx/calligraphy/CalligraphyUtils.java method: "pullFontPathFromTheme(Context, int, int)" fix: diff --git a/data/cgeo/misuses/1/misuse.yml b/data/cgeo/misuses/1/misuse.yml index 1d9f49832..d7c3514d4 100644 --- a/data/cgeo/misuses/1/misuse.yml +++ b/data/cgeo/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > Passes invalid mime-type to Intent.setDataAndType(). http://stackoverflow.com/questions/6573541/no-intent-to-view-jpg-on-honeycomb -location: +locations: file: cgeo/geocaching/cgeoimages.java method: viewImageInStandardApp(BitmapDrawable) fix: diff --git a/data/chensun/misuses/1/misuse.yml b/data/chensun/misuses/1/misuse.yml index 500d7266c..6ee5b4b03 100644 --- a/data/chensun/misuses/1/misuse.yml +++ b/data/chensun/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DES which is considered unsafe. -location: +locations: file: server/generateChecksumPostsAndReplies.java method: "main(String[])" internal: true diff --git a/data/chensun/misuses/2/misuse.yml b/data/chensun/misuses/2/misuse.yml index b1d40043d..4dcc5bda4 100644 --- a/data/chensun/misuses/2/misuse.yml +++ b/data/chensun/misuses/2/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses a non-random key in CBC mode. -location: +locations: file: server/generateChecksumPostsAndReplies.java method: "main(String[])" internal: true diff --git a/data/chensun/misuses/grouminer-3/misuse.yml b/data/chensun/misuses/grouminer-3/misuse.yml index 429a710fb..a83102e2e 100644 --- a/data/chensun/misuses/grouminer-3/misuse.yml +++ b/data/chensun/misuses/grouminer-3/misuse.yml @@ -7,7 +7,7 @@ description: | The `ResultSet` fetched in line 644 is never closed. (This is the same findings as `jadet-4` and `mudetect-19`) internal: false -location: +locations: file: database/SocialNetworkDatabasePosts.java method: getPost(Connection, String, String, String, int) line: 644 diff --git a/data/chensun/misuses/grouminer-3a/misuse.yml b/data/chensun/misuses/grouminer-3a/misuse.yml index 622ff4da8..35cc720f7 100644 --- a/data/chensun/misuses/grouminer-3a/misuse.yml +++ b/data/chensun/misuses/grouminer-3a/misuse.yml @@ -7,7 +7,7 @@ description: | The `ResultSet` fetched in line 662 is never closed. (This is the same findings as `jadet-4`) internal: false -location: +locations: file: database/SocialNetworkDatabasePosts.java method: getPost(Connection, String, String, String, int) line: 662 diff --git a/data/chensun/misuses/grouminer-9/misuse.yml b/data/chensun/misuses/grouminer-9/misuse.yml index 31903795b..89580c615 100644 --- a/data/chensun/misuses/grouminer-9/misuse.yml +++ b/data/chensun/misuses/grouminer-9/misuse.yml @@ -7,7 +7,7 @@ description: | The `PreparedStatement` opened in line 702 is never closed. (Same findings as `mudetect-17`) internal: false -location: +locations: file: database/SocialNetworkDatabasePosts.java method: addFFAParticipipant(Connection, int, String, String) line: 702 diff --git a/data/chensun/misuses/jadet-1/misuse.yml b/data/chensun/misuses/jadet-1/misuse.yml index cadadb988..61f328b5a 100644 --- a/data/chensun/misuses/jadet-1/misuse.yml +++ b/data/chensun/misuses/jadet-1/misuse.yml @@ -7,7 +7,7 @@ description: | The `PreparedStatement` opened in line 635 is never closed. (Same finding as `mudetect-19` and `mudetectxp-7`) internal: false -location: +locations: file: database/SocialNetworkDatabasePosts.java method: getPost(Connection, String, String, String, int) line: 635 diff --git a/data/chensun/misuses/jadet-1a/misuse.yml b/data/chensun/misuses/jadet-1a/misuse.yml index 1ab7805b6..ffc97a859 100644 --- a/data/chensun/misuses/jadet-1a/misuse.yml +++ b/data/chensun/misuses/jadet-1a/misuse.yml @@ -7,7 +7,7 @@ description: | The `PreparedStatement` opened in line 636 is never closed. (Same finding as `mudetect-18` and `mudetectxp-8`) internal: false -location: +locations: file: database/SocialNetworkDatabasePosts.java method: getPost(Connection, String, String, String, int) line: 636 diff --git a/data/chensun/misuses/jadet-2/misuse.yml b/data/chensun/misuses/jadet-2/misuse.yml index 61682a47d..17ffa5bed 100644 --- a/data/chensun/misuses/jadet-2/misuse.yml +++ b/data/chensun/misuses/jadet-2/misuse.yml @@ -6,7 +6,7 @@ crash: false description: | The `ResultSet` fetched in line 375 is not closed in case of an exception. internal: false -location: +locations: file: database/SocialNetworkDatabaseBoards.java method: getBoardList(Connection, String) line: 375 diff --git a/data/chensun/misuses/jadet-2a/misuse.yml b/data/chensun/misuses/jadet-2a/misuse.yml index 22f481577..a5274c36a 100644 --- a/data/chensun/misuses/jadet-2a/misuse.yml +++ b/data/chensun/misuses/jadet-2a/misuse.yml @@ -7,7 +7,7 @@ description: | The `ResultSet` fetched in line 350 is not closed in case of an exception. (This is the same findings as `mudetect-11`) internal: false -location: +locations: file: database/SocialNetworkDatabaseBoards.java method: getBoardList(Connection, String) line: 350 diff --git a/data/chensun/misuses/jadet-5/misuse.yml b/data/chensun/misuses/jadet-5/misuse.yml index 949695c18..fb5d9a873 100644 --- a/data/chensun/misuses/jadet-5/misuse.yml +++ b/data/chensun/misuses/jadet-5/misuse.yml @@ -7,7 +7,7 @@ description: | The `ResultSet` fetched in line 290 is not closed in case of an exception. (Same finding as `mudetectxp-13`) internal: false -location: +locations: file: database/SocialNetworkDatabaseBoards.java method: authorizedGoToBoard(Connection, String, String) line: 290 diff --git a/data/chensun/misuses/jadet-5a/misuse.yml b/data/chensun/misuses/jadet-5a/misuse.yml index 3f9b4926f..8f309c382 100644 --- a/data/chensun/misuses/jadet-5a/misuse.yml +++ b/data/chensun/misuses/jadet-5a/misuse.yml @@ -7,7 +7,7 @@ description: | The `ResultSet` fetched in line 304 is not closed in case of an exception. (Same finding as `mudetectxp-12`) internal: false -location: +locations: file: database/SocialNetworkDatabaseBoards.java method: authorizedGoToBoard(Connection, String, String) line: 304 diff --git a/data/chensun/misuses/mudetect-12/misuse.yml b/data/chensun/misuses/mudetect-12/misuse.yml index b5e2efe26..3e1f5c72b 100644 --- a/data/chensun/misuses/mudetect-12/misuse.yml +++ b/data/chensun/misuses/mudetect-12/misuse.yml @@ -6,7 +6,7 @@ crash: false description: | The `PreparedStatement addAdminPstmt` opened in line 204 is never closed. internal: false -location: +locations: file: database/SocialNetworkDatabaseBoards.java method: createBoard(Connection, String, String) line: 204 diff --git a/data/chensun/misuses/mudetect-13/misuse.yml b/data/chensun/misuses/mudetect-13/misuse.yml index bdbb84a15..c5415b07d 100644 --- a/data/chensun/misuses/mudetect-13/misuse.yml +++ b/data/chensun/misuses/mudetect-13/misuse.yml @@ -6,7 +6,7 @@ crash: false description: | The `PreparedStatement pstmt` opened in line 1159 is never closed. internal: false -location: +locations: file: database/DatabaseAdmin.java method: replaceBoardManager(Connection, String) line: 1159 diff --git a/data/chensun/misuses/mudetect-4/misuse.yml b/data/chensun/misuses/mudetect-4/misuse.yml index a297b47ae..bb8006262 100644 --- a/data/chensun/misuses/mudetect-4/misuse.yml +++ b/data/chensun/misuses/mudetect-4/misuse.yml @@ -7,7 +7,7 @@ description: | The `ResultSet postResult` opened in line 42 is never closed. (Same finding as `mudetectxp-9`) internal: false -location: +locations: file: database/SocialNetworkDatabasePosts.java method: postExists(Connection, String, String, int) line: 42 diff --git a/data/closure/misuses/1/misuse.yml b/data/closure/misuses/1/misuse.yml index b1346eb86..128dc62a0 100644 --- a/data/closure/misuses/1/misuse.yml +++ b/data/closure/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > UnionTypeBuilder.build() returns a JSType that can never be null. Branching on a null check therefore results in dead code. -location: +locations: file: com/google/javascript/rhino/jstype/UnionType.java method: meet(JSType) fix: diff --git a/data/closure/misuses/2/misuse.yml b/data/closure/misuses/2/misuse.yml index 34512c528..c9f1f309e 100644 --- a/data/closure/misuses/2/misuse.yml +++ b/data/closure/misuses/2/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > Parameters.getParameter() may throw CmdLineException. -location: +locations: file: com/google/javascript/jscomp/CommandLineRunner.java method: parseArguments(Parameters) fix: diff --git a/data/closure/misuses/3/misuse.yml b/data/closure/misuses/3/misuse.yml index 1c034ae5d..cbb38f64a 100644 --- a/data/closure/misuses/3/misuse.yml +++ b/data/closure/misuses/3/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > ObjectType.getImplicitPrototype() may return null. -location: +locations: file: com/google/javascript/jscomp/TypeCheck.java method: "checkInterfaceConflictProperties(NodeTraversal, Node, String, HashMap, HashMap, ObjectType)" fix: diff --git a/data/closure/misuses/4/misuse.yml b/data/closure/misuses/4/misuse.yml index 704f63099..c580f8417 100644 --- a/data/closure/misuses/4/misuse.yml +++ b/data/closure/misuses/4/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > List.get() in line 176 is invoked without a prior check whether the list contains sufficiently many elements. -location: +locations: file: com/google/javascript/jscomp/deps/SortedDependencies.java method: "cycleToString(List)" internal: false diff --git a/data/closure/misuses/dmmc-1023/misuse.yml b/data/closure/misuses/dmmc-1023/misuse.yml index b45fcfd58..02fd731e1 100644 --- a/data/closure/misuses/dmmc-1023/misuse.yml +++ b/data/closure/misuses/dmmc-1023/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Iterator.next() is invoked without prior check of hasNext(). (Same finding as `mudetect-16` and `mudetectxp-0`) -location: +locations: file: com/google/javascript/jscomp/deps/SortedDependencies.java method: "cycleToString(List)" internal: false diff --git a/data/closure/misuses/dmmc-13/misuse.yml b/data/closure/misuses/dmmc-13/misuse.yml index f0904d027..0c3a310f2 100644 --- a/data/closure/misuses/dmmc-13/misuse.yml +++ b/data/closure/misuses/dmmc-13/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Iterator.next() is invoked without prior check of hasNext(). (Same finding as `mudetect-18` and `mudetectxp-1`) -location: +locations: file: com/google/javascript/jscomp/SimpleDefinitionFinder.java method: "visit(NodeTraversal, Node, Node)" internal: false diff --git a/data/closure/misuses/mudetect-12/misuse.yml b/data/closure/misuses/mudetect-12/misuse.yml index f02687d4b..dfa41f6c1 100644 --- a/data/closure/misuses/mudetect-12/misuse.yml +++ b/data/closure/misuses/mudetect-12/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Iterator.next() is invoked without prior check that the iterator has more elements. (Same finding as `mudetectxp-6`) -location: +locations: file: com/google/javascript/jscomp/jsonml/Writer.java method: "processCall(Node, JsonML)" internal: false diff --git a/data/closure/misuses/mudetect-13/misuse.yml b/data/closure/misuses/mudetect-13/misuse.yml index d8e19c2b1..747083999 100644 --- a/data/closure/misuses/mudetect-13/misuse.yml +++ b/data/closure/misuses/mudetect-13/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Iterator.next() is invoked without prior check that the iterator has more elements. (Same finding as `mudetectxp-3`) -location: +locations: file: com/google/javascript/jscomp/ReplaceMessages.java method: "constructStringExprNode(Iterator, Node)" internal: false diff --git a/data/closure/misuses/mudetect-17/misuse.yml b/data/closure/misuses/mudetect-17/misuse.yml index 92f3504ef..932615648 100644 --- a/data/closure/misuses/mudetect-17/misuse.yml +++ b/data/closure/misuses/mudetect-17/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Iterator.next() is invoked without prior check that the iterator has more elements. (Same finding as `mudetectxp-5`) -location: +locations: file: com/google/javascript/jscomp/TightenTypes.java method: "getImplicitActionsFromCall(Node, JSType)" internal: false diff --git a/data/closure/misuses/mudetect-18/misuse.yml b/data/closure/misuses/mudetect-18/misuse.yml index 26d2b10a3..ff51e702d 100644 --- a/data/closure/misuses/mudetect-18/misuse.yml +++ b/data/closure/misuses/mudetect-18/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Iterator.next() is invoked without prior check that the iterator has more elements. (Same finding as `mudetectxp-2`) -location: +locations: file: com/google/javascript/jscomp/ReplaceMessages.java method: "constructAddOrStringNode(Iterator, Node)" internal: false diff --git a/data/closure/misuses/mudetectxp-13/misuse.yml b/data/closure/misuses/mudetectxp-13/misuse.yml index 57eeceb03..cc0c6a05f 100644 --- a/data/closure/misuses/mudetectxp-13/misuse.yml +++ b/data/closure/misuses/mudetectxp-13/misuse.yml @@ -8,7 +8,7 @@ description: > On line 176, `List.get(0)` is invoked without prior check of that there is at least one element in the list (the loop that adds elements might be skipped, if an empty list is passed as a parameter). -location: +locations: file: com/google/javascript/jscomp/deps/SortedDependencies.java method: "cycleToString(List)" line: 176 diff --git a/data/closure/misuses/mudetectxp-16/misuse.yml b/data/closure/misuses/mudetectxp-16/misuse.yml index 50630c6bd..8154f8e09 100644 --- a/data/closure/misuses/mudetectxp-16/misuse.yml +++ b/data/closure/misuses/mudetectxp-16/misuse.yml @@ -7,7 +7,7 @@ description: > On line 196, an element is fetched from a map and immediately iterated over. If the map does not have an element for the key (or maps the key to `null`), the lookup returns `null` and the iteration attempt crashes. -location: +locations: file: com/google/javascript/jscomp/SimpleDefinitionFinder.java method: "visit(NodeTraversal, Node, Node)" line: 196 diff --git a/data/closure/misuses/mudetectxp-17/misuse.yml b/data/closure/misuses/mudetectxp-17/misuse.yml index 35213417e..f158b70f5 100644 --- a/data/closure/misuses/mudetectxp-17/misuse.yml +++ b/data/closure/misuses/mudetectxp-17/misuse.yml @@ -7,7 +7,7 @@ description: > On line 239, an element is fetched from a map and immediately iterated over. If the map does not have an element for the key (or maps the key to `null`), the lookup returns `null` and the iteration attempt crashes. -location: +locations: file: com/google/javascript/jscomp/SimpleDefinitionFinder.java method: "visit(NodeTraversal, Node, Node)" line: 239 diff --git a/data/closure/misuses/tikanga-2/misuse.yml b/data/closure/misuses/tikanga-2/misuse.yml index 67bd32890..dc2b6ea9d 100644 --- a/data/closure/misuses/tikanga-2/misuse.yml +++ b/data/closure/misuses/tikanga-2/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Iterator.next() is invoked without prior check of hasNext(). (Same finding as `mudetect-10` and `mudetectxp-4`) -location: +locations: file: com/google/javascript/jscomp/JSModuleGraph.java method: "getDeepestCommonDependencyInclusive(Collection)" internal: false diff --git a/data/closure/misuses/tikanga-6/misuse.yml b/data/closure/misuses/tikanga-6/misuse.yml index d542590a3..1b88d04ac 100644 --- a/data/closure/misuses/tikanga-6/misuse.yml +++ b/data/closure/misuses/tikanga-6/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Iterator.next() is invoked without prior check of hasNext(). (Same finding as `mudetect-13` and `mudetectxp-7`) -location: +locations: file: com/google/javascript/jscomp/TypeCheck.java method: "visitParameterList(NodeTraversal, Node, FunctionType)" internal: false diff --git a/data/corona-old/misuses/1/misuse.yml b/data/corona-old/misuses/1/misuse.yml index a8088a99c..2d9957d4f 100644 --- a/data/corona-old/misuses/1/misuse.yml +++ b/data/corona-old/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: description: > Uses AES with default mode and padding. Since these values might change per crypto provider this is considered a bad practice. -location: +locations: file: com/corona/crypto/AESCypher.java method: "setEncryptKey(byte[])" internal: true diff --git a/data/corona-old/misuses/2/misuse.yml b/data/corona-old/misuses/2/misuse.yml index d641b198c..8cbfd2196 100644 --- a/data/corona-old/misuses/2/misuse.yml +++ b/data/corona-old/misuses/2/misuse.yml @@ -5,7 +5,7 @@ violations: description: > Uses AES with default mode and padding. Since these values might change per crypto provider this is considered a bad practice. -location: +locations: file: com/corona/crypto/AESCypher.java method: "setDecryptKey(byte[])" internal: true diff --git a/data/corona-old/misuses/3/misuse.yml b/data/corona-old/misuses/3/misuse.yml index 35792ac0d..7763d7c26 100644 --- a/data/corona-old/misuses/3/misuse.yml +++ b/data/corona-old/misuses/3/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DES which is considered unsafe. -location: +locations: file: com/corona/crypto/DESCypher.java method: "setEncryptKey(byte[])" internal: true diff --git a/data/corona-old/misuses/4/misuse.yml b/data/corona-old/misuses/4/misuse.yml index b147fd387..0d3ac9434 100644 --- a/data/corona-old/misuses/4/misuse.yml +++ b/data/corona-old/misuses/4/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DES which is considered unsafe. -location: +locations: file: com/corona/crypto/DESCypher.java method: "setDecryptKey(byte[])" internal: true diff --git a/data/dalvik/misuses/1/misuse.yml b/data/dalvik/misuses/1/misuse.yml index 66cdd3ed0..2e0a10ed9 100644 --- a/data/dalvik/misuses/1/misuse.yml +++ b/data/dalvik/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DES which is considered unsafe. -location: +locations: file: main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java method: "CipherSuite(String, boolean, int, String, String, byte[])" internal: true diff --git a/data/dalvik/misuses/2/misuse.yml b/data/dalvik/misuses/2/misuse.yml index d095422e7..ef0deaee5 100644 --- a/data/dalvik/misuses/2/misuse.yml +++ b/data/dalvik/misuses/2/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses NullCipher as a default which doesn't encrypt the data. -location: +locations: file: src/main/java/javax/crypto/CipherInputStream.java method: "CipherInputStream(InputStream)" internal: true diff --git a/data/dalvik/misuses/3/misuse.yml b/data/dalvik/misuses/3/misuse.yml index ef49e1339..873105de4 100644 --- a/data/dalvik/misuses/3/misuse.yml +++ b/data/dalvik/misuses/3/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses RSA with PKCS1Padding. -location: +locations: file: main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java method: "unwrap(byte[])" internal: true diff --git a/data/drftpd3-extended/misuses/1/misuse.yml b/data/drftpd3-extended/misuses/1/misuse.yml index 984210495..bcf4b5a67 100644 --- a/data/drftpd3-extended/misuses/1/misuse.yml +++ b/data/drftpd3-extended/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses Blowfish with ECB mode. -location: +locations: file: org/drftpd/plugins/sitebot/Blowfish.java method: "Blowfish(String)" fix: diff --git a/data/drftpd3-extended/misuses/2/misuse.yml b/data/drftpd3-extended/misuses/2/misuse.yml index 0250affac..81fd588a8 100644 --- a/data/drftpd3-extended/misuses/2/misuse.yml +++ b/data/drftpd3-extended/misuses/2/misuse.yml @@ -4,7 +4,7 @@ violations: - redundant/call description: > May call `init()` multiple times on the same Cipher instance. -location: +locations: file: org/drftpd/plugins/sitebot/Blowfish.java method: "encrypt(String)" fix: diff --git a/data/ekool/misuses/1/misuse.yml b/data/ekool/misuses/1/misuse.yml index 45b7686a2..a6806d9e3 100644 --- a/data/ekool/misuses/1/misuse.yml +++ b/data/ekool/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses AES with ECB mode. -location: +locations: file: com/JHapps/eKool/SecurePreferences.java method: "SecurePreferences(Context, String, boolean)" fix: diff --git a/data/gnucrasha/misuses/1a/misuse.yml b/data/gnucrasha/misuses/1a/misuse.yml index a3d1e3c0c..eb89ca5fd 100644 --- a/data/gnucrasha/misuses/1a/misuse.yml +++ b/data/gnucrasha/misuses/1a/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Call Intent.getLongExtra() with UxArgument.ORIGIN_ACCOUNT_UID parameter, which fails because the UUID is a string. -location: +locations: file: org/gnucash/android/ui/passcode/PassLockActivity.java method: onResume() fix: diff --git a/data/gnucrasha/misuses/1b/misuse.yml b/data/gnucrasha/misuses/1b/misuse.yml index 82c66f06b..28eae7347 100644 --- a/data/gnucrasha/misuses/1b/misuse.yml +++ b/data/gnucrasha/misuses/1b/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Call Intent.getLongExtra() with UxArgument.ORIGIN_ACCOUNT_UID parameter, which fails because the UUID is a string. -location: +locations: file: org/gnucash/android/ui/passcode/PasscodeLockScreenActivity.java method: onPasscodeEntered(String) fix: diff --git a/data/hoverruan-weiboclient4j/misuses/128/misuse.yml b/data/hoverruan-weiboclient4j/misuses/128/misuse.yml index 70c481142..970864059 100644 --- a/data/hoverruan-weiboclient4j/misuses/128/misuse.yml +++ b/data/hoverruan-weiboclient4j/misuses/128/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/weiboclient4j/commit/18b596ad7116f55d8c2b25e9aa4954d3b51507fb revision: 18b596ad7116f55d8c2b25e9aa4954d3b51507fb internal: false -location: +locations: file: weiboclient4j/params/Cid.java method: Cid(String) report: https://github.com/hoverruan/weiboclient4j/pull/15 diff --git a/data/hoverruan-weiboclient4j/misuses/129/misuse.yml b/data/hoverruan-weiboclient4j/misuses/129/misuse.yml index b297e361a..82dd4ae29 100644 --- a/data/hoverruan-weiboclient4j/misuses/129/misuse.yml +++ b/data/hoverruan-weiboclient4j/misuses/129/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/weiboclient4j/commit/18b596ad7116f55d8c2b25e9aa4954d3b51507fb revision: 18b596ad7116f55d8c2b25e9aa4954d3b51507fb internal: false -location: +locations: file: weiboclient4j/params/Id.java method: Id(String) report: https://github.com/hoverruan/weiboclient4j/pull/15 diff --git a/data/hoverruan-weiboclient4j/misuses/130/misuse.yml b/data/hoverruan-weiboclient4j/misuses/130/misuse.yml index 365129db9..ed2136f71 100644 --- a/data/hoverruan-weiboclient4j/misuses/130/misuse.yml +++ b/data/hoverruan-weiboclient4j/misuses/130/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/weiboclient4j/commit/18b596ad7116f55d8c2b25e9aa4954d3b51507fb revision: 18b596ad7116f55d8c2b25e9aa4954d3b51507fb internal: false -location: +locations: file: weiboclient4j/params/Uid.java method: Uid(String) report: https://github.com/hoverruan/weiboclient4j/pull/15 diff --git a/data/hoverruan-weiboclient4j/misuses/131/misuse.yml b/data/hoverruan-weiboclient4j/misuses/131/misuse.yml index 769911b6d..5be424b58 100644 --- a/data/hoverruan-weiboclient4j/misuses/131/misuse.yml +++ b/data/hoverruan-weiboclient4j/misuses/131/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/weiboclient4j/commit/18b596ad7116f55d8c2b25e9aa4954d3b51507fb revision: 18b596ad7116f55d8c2b25e9aa4954d3b51507fb internal: false -location: +locations: file: weiboclient4j/params/Suid.java method: Suid(String) report: https://github.com/hoverruan/weiboclient4j/pull/15 diff --git a/data/hoverruan-weiboclient4j/misuses/132/misuse.yml b/data/hoverruan-weiboclient4j/misuses/132/misuse.yml index 4d23d4316..8a251bb99 100644 --- a/data/hoverruan-weiboclient4j/misuses/132/misuse.yml +++ b/data/hoverruan-weiboclient4j/misuses/132/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/weiboclient4j/commit/18b596ad7116f55d8c2b25e9aa4954d3b51507fb revision: 18b596ad7116f55d8c2b25e9aa4954d3b51507fb internal: false -location: +locations: file: weiboclient4j/params/TargetUid.java method: TargetUid(String) report: https://github.com/hoverruan/weiboclient4j/pull/15 diff --git a/data/hoverruan-weiboclient4j/misuses/133/misuse.yml b/data/hoverruan-weiboclient4j/misuses/133/misuse.yml index f26b2021f..6fc97adeb 100644 --- a/data/hoverruan-weiboclient4j/misuses/133/misuse.yml +++ b/data/hoverruan-weiboclient4j/misuses/133/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/weiboclient4j/commit/18b596ad7116f55d8c2b25e9aa4954d3b51507fb revision: 18b596ad7116f55d8c2b25e9aa4954d3b51507fb internal: false -location: +locations: file: weiboclient4j/params/SourceUid.java method: SourceUid(String) report: https://github.com/hoverruan/weiboclient4j/pull/15 diff --git a/data/hoverruan-weiboclient4j/misuses/134/misuse.yml b/data/hoverruan-weiboclient4j/misuses/134/misuse.yml index 08ef98129..7e2bda555 100644 --- a/data/hoverruan-weiboclient4j/misuses/134/misuse.yml +++ b/data/hoverruan-weiboclient4j/misuses/134/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/weiboclient4j/commit/18b596ad7116f55d8c2b25e9aa4954d3b51507fb revision: 18b596ad7116f55d8c2b25e9aa4954d3b51507fb internal: false -location: +locations: file: weiboclient4j/params/TagId.java method: TagId(String) report: https://github.com/hoverruan/weiboclient4j/pull/15 diff --git a/data/httpclient/misuses/1/misuse.yml b/data/httpclient/misuses/1/misuse.yml index 9a8534846..c8453f283 100644 --- a/data/httpclient/misuses/1/misuse.yml +++ b/data/httpclient/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: false description: > Exception on HttpConnection.writeRequest() leaves the connection open. -location: +locations: file: org/apache/commons/httpclient/HttpMethodDirector.java method: executeWithRetry(HttpMethod) fix: diff --git a/data/httpclient/misuses/2/misuse.yml b/data/httpclient/misuses/2/misuse.yml index beade162c..95df883ff 100644 --- a/data/httpclient/misuses/2/misuse.yml +++ b/data/httpclient/misuses/2/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > When AuthState.isPreemptive(), both invalidate() and setAuthRequested(true) should be called. The latter was missing. -location: +locations: file: org/apache/commons/httpclient/HttpMethodDirector.java method: processWWWAuthChallenge(HttpMethod) fix: diff --git a/data/httpclient/misuses/3/misuse.yml b/data/httpclient/misuses/3/misuse.yml index 77007b826..e521c6635 100644 --- a/data/httpclient/misuses/3/misuse.yml +++ b/data/httpclient/misuses/3/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > When AuthState.isPreemptive(), both invalidate() and setAuthRequested(true) should be called. The latter was missing. -location: +locations: file: org/apache/commons/httpclient/HttpMethodDirector.java method: processProxyAuthChallenge(HttpMethod) fix: diff --git a/data/httpclient/misuses/4/misuse.yml b/data/httpclient/misuses/4/misuse.yml index 05744af08..0bda4d14c 100644 --- a/data/httpclient/misuses/4/misuse.yml +++ b/data/httpclient/misuses/4/misuse.yml @@ -6,7 +6,7 @@ violations: crash: false description: > Misses to pass Locale to constructor of SimpleDateFormat. -location: +locations: file: org/apache/commons/httpclient/util/DateUtil.java method: "formatDate(Date, String)" fix: diff --git a/data/httpclient/misuses/mudetect-14/misuse.yml b/data/httpclient/misuses/mudetect-14/misuse.yml index 8be3483e8..38a6665b0 100644 --- a/data/httpclient/misuses/mudetect-14/misuse.yml +++ b/data/httpclient/misuses/mudetect-14/misuse.yml @@ -7,7 +7,7 @@ crash: false description: > On line 424, a warning message is issued (`LOG.warn()`) without a prior checking whether warning messages are enabled (`LOG.isWarnEnable()`). -location: +locations: file: org/apache/commons/httpclient/HttpMethodDirector.java method: executeWithRetry(HttpMethod) line: 424 diff --git a/data/infosec-3/misuses/1/misuse.yml b/data/infosec-3/misuses/1/misuse.yml index 33bc43685..d17d22ab5 100644 --- a/data/infosec-3/misuses/1/misuse.yml +++ b/data/infosec-3/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DES which is considered unsafe. -location: +locations: file: app/checker/PrivateKeyChecker.java method: "decryptPKCS5(byte[], Key)" internal: true diff --git a/data/itext/misuses/1/misuse.yml b/data/itext/misuses/1/misuse.yml index 1021d04ef..93438c8a0 100644 --- a/data/itext/misuses/1/misuse.yml +++ b/data/itext/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > Cipher.init may throw InvalidKeyException. -location: +locations: file: com/itextpdf/text/pdf/PdfPublicKeySecurityHandler.java method: "computeRecipientInfo(X509Certificate, byte[])" fix: diff --git a/data/itext/misuses/2/misuse.yml b/data/itext/misuses/2/misuse.yml index 14ac39c1e..b175f23d9 100644 --- a/data/itext/misuses/2/misuse.yml +++ b/data/itext/misuses/2/misuse.yml @@ -7,7 +7,7 @@ crash: true description: | On line 187 `EXTENDED.charAt()` is invoked without ensuring that the respective string actually has sufficiently many characters. -location: +locations: file: com/itextpdf/text/pdf/Barcode39.java method: "getCode39Ex(String)" internal: false diff --git a/data/itext/misuses/3/misuse.yml b/data/itext/misuses/3/misuse.yml index e2d2663f8..cc50f3305 100644 --- a/data/itext/misuses/3/misuse.yml +++ b/data/itext/misuses/3/misuse.yml @@ -9,7 +9,7 @@ description: | string actually has sufficiently many characters. From the constant initialization on line 363 we take that `k` will assume the values 0 and 1, while `_code` might be any string. -location: +locations: file: com/itextpdf/text/pdf/BarcodeEAN.java method: "getBarsSupplemental2(String)" line: 365 diff --git a/data/itext/misuses/4/misuse.yml b/data/itext/misuses/4/misuse.yml index 92e72ed71..d1f4e9f39 100644 --- a/data/itext/misuses/4/misuse.yml +++ b/data/itext/misuses/4/misuse.yml @@ -9,7 +9,7 @@ description: | string actually has sufficiently many characters. From the constant initialization on line 401 we take that `k` will assume the values from [0, 4], while `_code` might be any string. -location: +locations: file: com/itextpdf/text/pdf/BarcodeEAN.java method: "getBarsSupplemental5(String)" line: 403 diff --git a/data/itext/misuses/dmmc-15/misuse.yml b/data/itext/misuses/dmmc-15/misuse.yml index e232ae9f8..35d8488d0 100644 --- a/data/itext/misuses/dmmc-15/misuse.yml +++ b/data/itext/misuses/dmmc-15/misuse.yml @@ -11,7 +11,7 @@ description: > usage is unsafe against invalid values and we, therefore, consider it a misuse. (Same finding as `mudetectxp-3`) -location: +locations: file: com/itextpdf/text/pdf/SimpleBookmark.java method: "iterateOutlines(PdfWriter, PdfIndirectReference, List, boolean)" line: 549 diff --git a/data/itext/misuses/dmmc-16/misuse.yml b/data/itext/misuses/dmmc-16/misuse.yml index 2cb4e20c2..2d7ead02a 100644 --- a/data/itext/misuses/dmmc-16/misuse.yml +++ b/data/itext/misuses/dmmc-16/misuse.yml @@ -10,7 +10,7 @@ description: > `hasNextToken()`. The enclosing method implements a lookup, which may be expected to throw if there is no matching element. However, this is not explicit. -location: +locations: file: com/itextpdf/text/pdf/CJKFont.java method: "getBBox(int)" line: 396 diff --git a/data/itext/misuses/dmmc-16a/misuse.yml b/data/itext/misuses/dmmc-16a/misuse.yml index f09d4eb4d..c86b7aa91 100644 --- a/data/itext/misuses/dmmc-16a/misuse.yml +++ b/data/itext/misuses/dmmc-16a/misuse.yml @@ -10,7 +10,7 @@ description: > method implements a lookup, which may be expected to throw if there is no matching element. However, this is not explicit. (Same finding as `mudetectxp-12`) -location: +locations: file: com/itextpdf/text/pdf/CJKFont.java method: "getBBox(int)" line: 393 diff --git a/data/itext/misuses/dmmc-18/misuse.yml b/data/itext/misuses/dmmc-18/misuse.yml index ee1b447e5..42d8aa280 100644 --- a/data/itext/misuses/dmmc-18/misuse.yml +++ b/data/itext/misuses/dmmc-18/misuse.yml @@ -11,7 +11,7 @@ description: > usage is unsafe against invalid values and we, therefore, consider it a misuse. (Same finding as `mudetectxp-7`) -location: +locations: file: com/itextpdf/text/html/WebColors.java method: "getRGBColor(String)" line: 265 diff --git a/data/itext/misuses/dmmc-357/misuse.yml b/data/itext/misuses/dmmc-357/misuse.yml index c773d26cf..f268d5721 100644 --- a/data/itext/misuses/dmmc-357/misuse.yml +++ b/data/itext/misuses/dmmc-357/misuse.yml @@ -8,7 +8,7 @@ description: > On line 508, `Iterator.next()` is invoked without prior check that there are sufficiently many elements. (Same finding as `mudetect-2` and `mudetectxp-2`) -location: +locations: file: com/itextpdf/text/pdf/PdfWriter.java method: "writeCrossReferenceTable(OutputStream, PdfIndirectReference, PdfIndirectReference, PdfIndirectReference, PdfObject, long)" line: 508 diff --git a/data/itext/misuses/dmmc-61/misuse.yml b/data/itext/misuses/dmmc-61/misuse.yml index db916b567..d97350262 100644 --- a/data/itext/misuses/dmmc-61/misuse.yml +++ b/data/itext/misuses/dmmc-61/misuse.yml @@ -8,7 +8,7 @@ description: > On line 1599, `Iterator.next()` is invoked without prior check that there are sufficiently many elements. (Same finding as `mudetect-1` and `mudetectxp-1`) -location: +locations: file: com/itextpdf/awt/PdfGraphics2D.java method: "drawImage(Image, Image, AffineTransform, Color, ImageObserver)" line: 1599 diff --git a/data/itext/misuses/dmmc-937/misuse.yml b/data/itext/misuses/dmmc-937/misuse.yml index e705f7641..28bea9d82 100644 --- a/data/itext/misuses/dmmc-937/misuse.yml +++ b/data/itext/misuses/dmmc-937/misuse.yml @@ -9,7 +9,7 @@ description: > are sufficiently many elements. (Same finding as `tikanga-12` and `mudetect-0` and `mudetectxp-0`). -location: +locations: file: com/itextpdf/text/pdf/PdfPKCS7.java method: "PdfPKCS7(byte[], byte[], String)" line: 324 diff --git a/data/itext/misuses/jadet-5/misuse.yml b/data/itext/misuses/jadet-5/misuse.yml index 5fdd298c9..1b59ca4ee 100644 --- a/data/itext/misuses/jadet-5/misuse.yml +++ b/data/itext/misuses/jadet-5/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > PdfArray.getPdfObject() is invoked without checking that the array contains sufficiently many objects. -location: +locations: file: com/itextpdf/text/pdf/PdfStructureTreeRoot.java method: "nodeProcess(PdfDictionary, PdfIndirectReference)" internal: true diff --git a/data/itext/misuses/jadet-9/misuse.yml b/data/itext/misuses/jadet-9/misuse.yml index e7ce88d84..1355a8ecb 100644 --- a/data/itext/misuses/jadet-9/misuse.yml +++ b/data/itext/misuses/jadet-9/misuse.yml @@ -9,7 +9,7 @@ description: > sufficiently many objects. Is also jadet-10. -location: +locations: file: com/itextpdf/text/pdf/fonts/cmaps/AbstractCMap.java method: "addRange(PdfString, PdfString, PdfObject)" internal: true diff --git a/data/itext/misuses/mudetect-10/misuse.yml b/data/itext/misuses/mudetect-10/misuse.yml index 42a3821ed..2c1d0ccd5 100644 --- a/data/itext/misuses/mudetect-10/misuse.yml +++ b/data/itext/misuses/mudetect-10/misuse.yml @@ -6,7 +6,7 @@ crash: true description: | On line 244, a `PdfObject` is fetched from a `PdfArray`. Since the array may contain a `null` value, the object should be checked before it is used. -location: +locations: file: com/itextpdf/text/pdf/SimpleBookmark.java method: "makeBookmarkParam(PdfArray, IntHashtable)" internal: true diff --git a/data/itext/misuses/mudetect-38/misuse.yml b/data/itext/misuses/mudetect-38/misuse.yml index 64beed93d..6a4b91ecd 100644 --- a/data/itext/misuses/mudetect-38/misuse.yml +++ b/data/itext/misuses/mudetect-38/misuse.yml @@ -6,7 +6,7 @@ crash: true description: | The method `PdfLayer.getAsString()` is invoked and the result is immediately converted `toUnicodeString()`, without checking whether it is `null`. From [the documentation og `getAsString()`](http://itextsupport.com/apidocs/itext5/latest/com/itextpdf/text/pdf/PdfDictionary.html#getAsString-com.itextpdf.text.pdf.PdfName-) we take that this is unsafe: "Returns a PdfObject as a PdfString, resolving indirect references. The object associated with the PdfName given is retrieved and resolved to a direct object. If it is a PdfString, it is cast down and returned as such. Otherwise null is returned." -location: +locations: file: com/itextpdf/text/pdf/PdfLayer.java method: "addChild(PdfLayer)" internal: true diff --git a/data/ivantrendafilov-confucius/misuses/100/misuse.yml b/data/ivantrendafilov-confucius/misuses/100/misuse.yml index b0453bbfa..619eca774 100644 --- a/data/ivantrendafilov-confucius/misuses/100/misuse.yml +++ b/data/ivantrendafilov-confucius/misuses/100/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/Confucius/commit/2fefd5eb6d77ab1b83efe3bf50171aabc7128460 revision: 2fefd5eb6d77ab1b83efe3bf50171aabc7128460 internal: false -location: +locations: file: org/trendafilov/confucius/core/AbstractConfiguration.java method: getShortValue(String, short) report: https://github.com/IvanTrendafilov/Confucius/pull/6 diff --git a/data/ivantrendafilov-confucius/misuses/101/misuse.yml b/data/ivantrendafilov-confucius/misuses/101/misuse.yml index aaf9e0548..cb100dee2 100644 --- a/data/ivantrendafilov-confucius/misuses/101/misuse.yml +++ b/data/ivantrendafilov-confucius/misuses/101/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/Confucius/commit/2fefd5eb6d77ab1b83efe3bf50171aabc7128460 revision: 2fefd5eb6d77ab1b83efe3bf50171aabc7128460 internal: false -location: +locations: file: org/trendafilov/confucius/core/AbstractConfiguration.java method: getShortList(String, String) report: https://github.com/IvanTrendafilov/Confucius/pull/6 diff --git a/data/ivantrendafilov-confucius/misuses/93/misuse.yml b/data/ivantrendafilov-confucius/misuses/93/misuse.yml index cd68e0827..744f5c302 100644 --- a/data/ivantrendafilov-confucius/misuses/93/misuse.yml +++ b/data/ivantrendafilov-confucius/misuses/93/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/Confucius/commit/2fefd5eb6d77ab1b83efe3bf50171aabc7128460 revision: 2fefd5eb6d77ab1b83efe3bf50171aabc7128460 internal: false -location: +locations: file: org/trendafilov/confucius/core/AbstractConfiguration.java method: getByteValue(String) report: https://github.com/IvanTrendafilov/Confucius/pull/6 diff --git a/data/ivantrendafilov-confucius/misuses/94/misuse.yml b/data/ivantrendafilov-confucius/misuses/94/misuse.yml index 13acfe770..87cd49eca 100644 --- a/data/ivantrendafilov-confucius/misuses/94/misuse.yml +++ b/data/ivantrendafilov-confucius/misuses/94/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/Confucius/commit/2fefd5eb6d77ab1b83efe3bf50171aabc7128460 revision: 2fefd5eb6d77ab1b83efe3bf50171aabc7128460 internal: false -location: +locations: file: org/trendafilov/confucius/core/AbstractConfiguration.java method: getByteValue(String, byte) report: https://github.com/IvanTrendafilov/Confucius/pull/6 diff --git a/data/ivantrendafilov-confucius/misuses/95/misuse.yml b/data/ivantrendafilov-confucius/misuses/95/misuse.yml index 616bf329b..fd283b896 100644 --- a/data/ivantrendafilov-confucius/misuses/95/misuse.yml +++ b/data/ivantrendafilov-confucius/misuses/95/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/Confucius/commit/2fefd5eb6d77ab1b83efe3bf50171aabc7128460 revision: 2fefd5eb6d77ab1b83efe3bf50171aabc7128460 internal: false -location: +locations: file: org/trendafilov/confucius/core/AbstractConfiguration.java method: getByteList(String, String) report: https://github.com/IvanTrendafilov/Confucius/pull/6 diff --git a/data/ivantrendafilov-confucius/misuses/96/misuse.yml b/data/ivantrendafilov-confucius/misuses/96/misuse.yml index 5cb6533d2..025609254 100644 --- a/data/ivantrendafilov-confucius/misuses/96/misuse.yml +++ b/data/ivantrendafilov-confucius/misuses/96/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/Confucius/commit/2fefd5eb6d77ab1b83efe3bf50171aabc7128460 revision: 2fefd5eb6d77ab1b83efe3bf50171aabc7128460 internal: false -location: +locations: file: org/trendafilov/confucius/core/AbstractConfiguration.java method: getLongValue(String) report: https://github.com/IvanTrendafilov/Confucius/pull/6 diff --git a/data/ivantrendafilov-confucius/misuses/97/misuse.yml b/data/ivantrendafilov-confucius/misuses/97/misuse.yml index 16c56a14b..4df04af67 100644 --- a/data/ivantrendafilov-confucius/misuses/97/misuse.yml +++ b/data/ivantrendafilov-confucius/misuses/97/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/Confucius/commit/2fefd5eb6d77ab1b83efe3bf50171aabc7128460 revision: 2fefd5eb6d77ab1b83efe3bf50171aabc7128460 internal: false -location: +locations: file: org/trendafilov/confucius/core/AbstractConfiguration.java method: getLongValue(String, long) report: https://github.com/IvanTrendafilov/Confucius/pull/6 diff --git a/data/ivantrendafilov-confucius/misuses/98/misuse.yml b/data/ivantrendafilov-confucius/misuses/98/misuse.yml index 83a4f6ddc..0c44c2a23 100644 --- a/data/ivantrendafilov-confucius/misuses/98/misuse.yml +++ b/data/ivantrendafilov-confucius/misuses/98/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/Confucius/commit/2fefd5eb6d77ab1b83efe3bf50171aabc7128460 revision: 2fefd5eb6d77ab1b83efe3bf50171aabc7128460 internal: false -location: +locations: file: org/trendafilov/confucius/core/AbstractConfiguration.java method: getLongList(String, String) report: https://github.com/IvanTrendafilov/Confucius/pull/6 diff --git a/data/ivantrendafilov-confucius/misuses/99/misuse.yml b/data/ivantrendafilov-confucius/misuses/99/misuse.yml index 6774da3a5..b40bf4fc5 100644 --- a/data/ivantrendafilov-confucius/misuses/99/misuse.yml +++ b/data/ivantrendafilov-confucius/misuses/99/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/Confucius/commit/2fefd5eb6d77ab1b83efe3bf50171aabc7128460 revision: 2fefd5eb6d77ab1b83efe3bf50171aabc7128460 internal: false -location: +locations: file: org/trendafilov/confucius/core/AbstractConfiguration.java method: getShortValue(String) report: https://github.com/IvanTrendafilov/Confucius/pull/6 diff --git a/data/jackrabbit-incubator/misuses/1/misuse.yml b/data/jackrabbit-incubator/misuses/1/misuse.yml index 426c2dda8..2c3e3d58f 100644 --- a/data/jackrabbit-incubator/misuses/1/misuse.yml +++ b/data/jackrabbit-incubator/misuses/1/misuse.yml @@ -10,7 +10,7 @@ description: > (which delegates to FileSytem.fileExists()). FileSystem.deleteFile() throws, if the file does not exist. A refactoring was performed in the course of the fix, to remove duplication. -location: +locations: file: "?" method: "?" fix: diff --git a/data/jackrabbit-incubator/misuses/2/misuse.yml b/data/jackrabbit-incubator/misuses/2/misuse.yml index b7016d6b4..2e1d88df1 100644 --- a/data/jackrabbit-incubator/misuses/2/misuse.yml +++ b/data/jackrabbit-incubator/misuses/2/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Below !File.exists() File.mkdir() was called, instead of File.mkdirs(). -location: +locations: file: org/apache/jackrabbit/core/state/bdb/BerkeleyDBPersistenceManager.java method: init(PMContext) fix: diff --git a/data/jackrabbit/misuses/1/misuse.yml b/data/jackrabbit/misuses/1/misuse.yml index 20d925868..16e33f1ff 100644 --- a/data/jackrabbit/misuses/1/misuse.yml +++ b/data/jackrabbit/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > ItemData.getState() may be null. -location: +locations: file: org/apache/jackrabbit/core/ItemManager.java method: "canRead(ItemData, Path)" fix: diff --git a/data/jackrabbit/misuses/10/misuse.yml b/data/jackrabbit/misuses/10/misuse.yml index fc23ff51b..564bf2d9e 100644 --- a/data/jackrabbit/misuses/10/misuse.yml +++ b/data/jackrabbit/misuses/10/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > HierarchyEntry.getParent() may return null. -location: +locations: file: org/apache/jackrabbit/jcr2spi/state/ItemState.java method: getParent() fix: diff --git a/data/jackrabbit/misuses/11/misuse.yml b/data/jackrabbit/misuses/11/misuse.yml index 123cc8dff..8b96c234c 100644 --- a/data/jackrabbit/misuses/11/misuse.yml +++ b/data/jackrabbit/misuses/11/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > PreparedStatement.setFetchSize(x) and PreparedStatement.setMaxRows(y) have the constraint x <= y iff y > 0. -location: +locations: file: org/apache/jackrabbit/core/util/db/ConnectionHelper.java method: "reallyExec(String, Object[], boolean, int)" fix: diff --git a/data/jackrabbit/misuses/12/misuse.yml b/data/jackrabbit/misuses/12/misuse.yml index 53318116a..3ccbfc9d0 100644 --- a/data/jackrabbit/misuses/12/misuse.yml +++ b/data/jackrabbit/misuses/12/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > Map.get() may return null and RepositoryConfig.create() expects non-null parameter. -location: +locations: file: org/apache/jackrabbit/jca/JCARepositoryManager.java method: "createNonTransientRepository(Map)" fix: diff --git a/data/jackrabbit/misuses/2/misuse.yml b/data/jackrabbit/misuses/2/misuse.yml index 6fd5faaa5..1865d0c7a 100644 --- a/data/jackrabbit/misuses/2/misuse.yml +++ b/data/jackrabbit/misuses/2/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > Map.get() may return null. -location: +locations: file: org/apache/jackrabbit/webdav/jcr/JcrDavException.java method: JcrDavException(RepositoryException) fix: diff --git a/data/jackrabbit/misuses/3a/misuse.yml b/data/jackrabbit/misuses/3a/misuse.yml index d46d646b9..dc41c1cac 100644 --- a/data/jackrabbit/misuses/3a/misuse.yml +++ b/data/jackrabbit/misuses/3a/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > The results of ConfigurationParser.getAttribute() should be processed by ConfigurationParser.replaceVariables(). This step was missing. -location: +locations: file: org/apache/jackrabbit/core/config/RepositoryConfigurationParser.java method: parseClusterConfig(Element) fix: diff --git a/data/jackrabbit/misuses/3b/misuse.yml b/data/jackrabbit/misuses/3b/misuse.yml index d46d646b9..dc41c1cac 100644 --- a/data/jackrabbit/misuses/3b/misuse.yml +++ b/data/jackrabbit/misuses/3b/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > The results of ConfigurationParser.getAttribute() should be processed by ConfigurationParser.replaceVariables(). This step was missing. -location: +locations: file: org/apache/jackrabbit/core/config/RepositoryConfigurationParser.java method: parseClusterConfig(Element) fix: diff --git a/data/jackrabbit/misuses/5/misuse.yml b/data/jackrabbit/misuses/5/misuse.yml index d2d3f83d3..4399e6ec1 100644 --- a/data/jackrabbit/misuses/5/misuse.yml +++ b/data/jackrabbit/misuses/5/misuse.yml @@ -7,7 +7,7 @@ description: > InputStream.close() should be called after finished using the stream. The particular stream is passed to QValueFactoryImpl.create() as a parameter, but should be closed by the method, as defined in its contract. -location: +locations: file: org/apache/jackrabbit/spi/commons/value/QValueFactoryImpl.java method: "BinaryQValue(InputStream, boolean)" fix: diff --git a/data/jackrabbit/misuses/6/misuse.yml b/data/jackrabbit/misuses/6/misuse.yml index e237abc03..8930b74a6 100644 --- a/data/jackrabbit/misuses/6/misuse.yml +++ b/data/jackrabbit/misuses/6/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > IOManager.getDetector() may return null. -location: +locations: file: org/apache/jackrabbit/server/io/DefaultHandler.java method: detect(String) fix: diff --git a/data/jackrabbit/misuses/7/misuse.yml b/data/jackrabbit/misuses/7/misuse.yml index 45b9190b3..9fa4c71ca 100644 --- a/data/jackrabbit/misuses/7/misuse.yml +++ b/data/jackrabbit/misuses/7/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > NodeState.getParentId() may return null and ItemStateManager.getItemState() expects non-null parameter. -location: +locations: file: org/apache/jackrabbit/core/query/lucene/IndexingConfigurationImpl.java method: evaluate(NodeState) fix: diff --git a/data/jackrabbit/misuses/8/misuse.yml b/data/jackrabbit/misuses/8/misuse.yml index babb8bbd7..374a22f70 100644 --- a/data/jackrabbit/misuses/8/misuse.yml +++ b/data/jackrabbit/misuses/8/misuse.yml @@ -8,7 +8,7 @@ description: > Boolean.parseBoolean() turns a string to a boolean, while Boolean.getBoolean() looks up the boolean value of a system property. The latter method was called here, where it should have been the former. -location: +locations: file: org/apache/jackrabbit/core/persistence/xml/XMLPersistenceManager.java method: "readState(DOMWalker, PropertyState)" fix: diff --git a/data/jackrabbit/misuses/9/misuse.yml b/data/jackrabbit/misuses/9/misuse.yml index 37564faa2..376524360 100644 --- a/data/jackrabbit/misuses/9/misuse.yml +++ b/data/jackrabbit/misuses/9/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > NamespaceStorage maps from prefixes to URIs. It's method unregisterNamespace expects an URI, but was give a prefix instead. -location: +locations: file: org/apache/jackrabbit/jcr2spi/NamespaceRegistryImpl.java method: unregisterNamespace(String) fix: diff --git a/data/jclouds/misuses/1/misuse.yml b/data/jclouds/misuses/1/misuse.yml index d8ee09fd5..27461743c 100644 --- a/data/jclouds/misuses/1/misuse.yml +++ b/data/jclouds/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: description: > Uses AES with default mode and padding. Since these values might change per crypto provider this is considered a bad practice. -location: +locations: file: main/java/org/jclouds/encryption/bouncycastle/BouncyCastleEncryptionService.java method: "rsaPrivateEncrypt(String, Key)" internal: true diff --git a/data/jfreechart/misuses/1/misuse.yml b/data/jfreechart/misuses/1/misuse.yml index e0823c257..3f0971256 100644 --- a/data/jfreechart/misuses/1/misuse.yml +++ b/data/jfreechart/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > Iterates over two PathIterators from the same GeneralPath instead of one of the first path and one of the second. -location: +locations: file: org/jfree/chart/util/ShapeUtilities.java method: "equal(GeneralPath, GeneralPath)" fix: diff --git a/data/jfreechart/misuses/2/misuse.yml b/data/jfreechart/misuses/2/misuse.yml index 64b8aec2b..0b3efaa2a 100644 --- a/data/jfreechart/misuses/2/misuse.yml +++ b/data/jfreechart/misuses/2/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > PlotRenderingInfo.getOwner() may return null. -location: +locations: file: org/jfree/chart/axis/Axis.java method: "drawLabel(String, Graphics2D, Rectangle2D, Rectangle2D, RectangleEdge, AxisState, PlotRenderingInfo)" fix: diff --git a/data/jfreechart/misuses/3a/misuse.yml b/data/jfreechart/misuses/3a/misuse.yml index b98118e7d..76620b5c3 100644 --- a/data/jfreechart/misuses/3a/misuse.yml +++ b/data/jfreechart/misuses/3a/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > StatisticalCategoryDataset.getMeanValue() may return null. -location: +locations: file: org/jfree/chart/renderer/category/StatisticalBarRenderer.java method: "drawHorizontalItem(Graphics2D, CategoryItemRendererState, Rectangle2D, CategoryPlot, CategoryAxis, ValueAxis, StatisticalCategoryDataset, int, int)" fix: diff --git a/data/jfreechart/misuses/3b/misuse.yml b/data/jfreechart/misuses/3b/misuse.yml index 7f8967f01..e2bf00da8 100644 --- a/data/jfreechart/misuses/3b/misuse.yml +++ b/data/jfreechart/misuses/3b/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > StatisticalCategoryDataset.getMeanValue() may return null. -location: +locations: file: org/jfree/chart/renderer/category/StatisticalBarRenderer.java method: "drawVerticalItem(Graphics2D, CategoryItemRendererState, Rectangle2D, CategoryPlot, CategoryAxis, ValueAxis, StatisticalCategoryDataset, int, int)" fix: diff --git a/data/jfreechart/misuses/4a/misuse.yml b/data/jfreechart/misuses/4a/misuse.yml index 8e24e2339..5cd74983d 100644 --- a/data/jfreechart/misuses/4a/misuse.yml +++ b/data/jfreechart/misuses/4a/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > StatisticalCategoryDataset.getStDevValue() may return null. -location: +locations: file: org/jfree/chart/renderer/category/StatisticalBarRenderer.java method: "drawHorizontalItem(Graphics2D, CategoryItemRendererState, Rectangle2D, CategoryPlot, CategoryAxis, ValueAxis, StatisticalCategoryDataset, int, int)" fix: diff --git a/data/jfreechart/misuses/4b/misuse.yml b/data/jfreechart/misuses/4b/misuse.yml index 4a28decb7..6553533de 100644 --- a/data/jfreechart/misuses/4b/misuse.yml +++ b/data/jfreechart/misuses/4b/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > StatisticalCategoryDataset.getStDevValue() may return null. -location: +locations: file: org/jfree/chart/renderer/category/StatisticalBarRenderer.java method: "drawVerticalItem(Graphics2D, CategoryItemRendererState, Rectangle2D, CategoryPlot, CategoryAxis, ValueAxis, StatisticalCategoryDataset, int, int)" fix: diff --git a/data/jfreechart/misuses/5/misuse.yml b/data/jfreechart/misuses/5/misuse.yml index d5fcf3dff..f9fc48afb 100644 --- a/data/jfreechart/misuses/5/misuse.yml +++ b/data/jfreechart/misuses/5/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > XYPlot.getRendererForDataset() may return null. -location: +locations: file: org/jfree/chart/plot/XYPlot.java method: getDataRange(ValueAxis) fix: diff --git a/data/jfreechart/misuses/6/misuse.yml b/data/jfreechart/misuses/6/misuse.yml index 86cbe7563..cde1ed2cf 100644 --- a/data/jfreechart/misuses/6/misuse.yml +++ b/data/jfreechart/misuses/6/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > CategoryPlot.getDataset() may return null. The check for null was flipped. -location: +locations: file: org/jfree/chart/renderer/category/AbstractCategoryItemRenderer.java method: getLegendItems() fix: diff --git a/data/jfreechart/misuses/7a/misuse.yml b/data/jfreechart/misuses/7a/misuse.yml index 3c4125c25..faf20c2fa 100644 --- a/data/jfreechart/misuses/7a/misuse.yml +++ b/data/jfreechart/misuses/7a/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > Map.get() may return null. -location: +locations: file: org/jfree/chart/plot/CategoryPlot.java method: "removeDomainMarker(int, Marker, Layer, boolean)" fix: diff --git a/data/jfreechart/misuses/7b/misuse.yml b/data/jfreechart/misuses/7b/misuse.yml index e75fffb66..d748567b9 100644 --- a/data/jfreechart/misuses/7b/misuse.yml +++ b/data/jfreechart/misuses/7b/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > Map.get() may return null. -location: +locations: file: org/jfree/chart/plot/CategoryPlot.java method: "removeRangeMarker(int, Marker, Layer, boolean)" fix: diff --git a/data/jigsaw/misuses/grouminer09-1_not-a-misuse/misuse.yml b/data/jigsaw/misuses/grouminer09-1_not-a-misuse/misuse.yml index c915a9126..3f77cc8f2 100644 --- a/data/jigsaw/misuses/grouminer09-1_not-a-misuse/misuse.yml +++ b/data/jigsaw/misuses/grouminer09-1_not-a-misuse/misuse.yml @@ -7,7 +7,7 @@ description: > The usage calls `nextToken()` on `StringTokenizer` without checking `hasMoreTokens()`. However, the usage handles `NoSuchElementException`, which is a valid alternative. Therefore, we do not consider this a misuse. -location: +locations: file: "org/w3c/jigsaw/map/MapEntry.java" # There's three methods matching this signature in the file, all of which follow the same implementation pattern method: "parseRestNCSA(String)" diff --git a/data/jigsaw/misuses/mudetect-10/misuse.yml b/data/jigsaw/misuses/mudetect-10/misuse.yml index 82609e9df..b5535b794 100644 --- a/data/jigsaw/misuses/mudetect-10/misuse.yml +++ b/data/jigsaw/misuses/mudetect-10/misuse.yml @@ -8,7 +8,7 @@ description: | On line 434, an element is fetched through `Enumeration.nextElement()` without checking that there is such an element. internal: false -location: +locations: file: org/w3c/jigsaw/servlet/JigsawHttpServletRequest.java method: getLocale() line: 434 diff --git a/data/jigsaw/misuses/mudetect-12/misuse.yml b/data/jigsaw/misuses/mudetect-12/misuse.yml index f3895106e..2d961b1fb 100644 --- a/data/jigsaw/misuses/mudetect-12/misuse.yml +++ b/data/jigsaw/misuses/mudetect-12/misuse.yml @@ -9,7 +9,7 @@ description: | type is too general, since it might accidentially hide problems unrelated to lock conflicts. internal: true -location: +locations: file: org/w3c/jigedit/tools/ToolsListerFrame.java method: handle(Request, URLDecoder) line: 266 diff --git a/data/jigsaw/misuses/tikanga-0/misuse.yml b/data/jigsaw/misuses/tikanga-0/misuse.yml index 17c3cd0de..4ded99b1a 100644 --- a/data/jigsaw/misuses/tikanga-0/misuse.yml +++ b/data/jigsaw/misuses/tikanga-0/misuse.yml @@ -9,7 +9,7 @@ description: | exceptional case in line 297). (Same finding as `mudetect-2`) internal: true -location: +locations: file: org/w3c/jigsaw/proxy/ProxyFrame.java method: lookupOther(LookupState, LookupResult) line: 284 diff --git a/data/jmrtd/misuses/1/misuse.yml b/data/jmrtd/misuses/1/misuse.yml index 40f89b89c..b638417c1 100644 --- a/data/jmrtd/misuses/1/misuse.yml +++ b/data/jmrtd/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > DataOutputStream is left open. (Same as `mudetectxp-1`) -location: +locations: file: sos/mrtd/SecureMessagingWrapper.java method: "readDO8E(DataInputStream, byte[])" fix: diff --git a/data/jmrtd/misuses/2/misuse.yml b/data/jmrtd/misuses/2/misuse.yml index 9881b63cb..b937868ea 100644 --- a/data/jmrtd/misuses/2/misuse.yml +++ b/data/jmrtd/misuses/2/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > Passes Cipher.ENCRYPT_MODE to Cipher.init(), but uses the cipher for decryption. -location: +locations: file: sos/mrtd/PassportAuthService.java method: doAA(PublicKey) fix: diff --git a/data/jodatime/misuses/1/misuse.yml b/data/jodatime/misuses/1/misuse.yml index 30385f892..dde928a65 100644 --- a/data/jodatime/misuses/1/misuse.yml +++ b/data/jodatime/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > PersistentDateTime.nullSafeGet() may return null, while constructor of Interval expects non-null parameters. -location: +locations: file: org/joda/time/contrib/hibernate/PersistentInterval.java method: "nullSafeGet(ResultSet, String[], SessionImplementor, Object)" fix: diff --git a/data/jodatime/misuses/269/misuse.yml b/data/jodatime/misuses/269/misuse.yml index 6c8613ff3..8a519ad49 100644 --- a/data/jodatime/misuses/269/misuse.yml +++ b/data/jodatime/misuses/269/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDateMidnight_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/27/misuse.yml b/data/jodatime/misuses/27/misuse.yml index c7e4c960f..c5942ddba 100644 --- a/data/jodatime/misuses/27/misuse.yml +++ b/data/jodatime/misuses/27/misuse.yml @@ -19,7 +19,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDateMidnight_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/270/misuse.yml b/data/jodatime/misuses/270/misuse.yml index 8efd76144..11c92b734 100644 --- a/data/jodatime/misuses/270/misuse.yml +++ b/data/jodatime/misuses/270/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDateTimeComparator.java method: testSerialization1() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/271/misuse.yml b/data/jodatime/misuses/271/misuse.yml index a7ac77038..05e063842 100644 --- a/data/jodatime/misuses/271/misuse.yml +++ b/data/jodatime/misuses/271/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDateTimeComparator.java method: testSerialization2() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/272/misuse.yml b/data/jodatime/misuses/272/misuse.yml index 85d99c80a..b66e8fdc2 100644 --- a/data/jodatime/misuses/272/misuse.yml +++ b/data/jodatime/misuses/272/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDateTimeFieldType.java method: doSerialization(DateTimeFieldType) report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/273/misuse.yml b/data/jodatime/misuses/273/misuse.yml index 2f2aafa00..f62cbe93c 100644 --- a/data/jodatime/misuses/273/misuse.yml +++ b/data/jodatime/misuses/273/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDateTimeZone.java method: testSerialization1() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/274/misuse.yml b/data/jodatime/misuses/274/misuse.yml index 9f96fba4a..ca5ff8182 100644 --- a/data/jodatime/misuses/274/misuse.yml +++ b/data/jodatime/misuses/274/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDateTimeZone.java method: testSerialization2() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/275/misuse.yml b/data/jodatime/misuses/275/misuse.yml index e7d337f88..cbdcc49bd 100644 --- a/data/jodatime/misuses/275/misuse.yml +++ b/data/jodatime/misuses/275/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDateTime_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/276/misuse.yml b/data/jodatime/misuses/276/misuse.yml index 696845372..0439bc0ca 100644 --- a/data/jodatime/misuses/276/misuse.yml +++ b/data/jodatime/misuses/276/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDays.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/277/misuse.yml b/data/jodatime/misuses/277/misuse.yml index 3dbb4f7f5..5cda46f5f 100644 --- a/data/jodatime/misuses/277/misuse.yml +++ b/data/jodatime/misuses/277/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDurationFieldType.java method: doSerialization(DurationFieldType) report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/278/misuse.yml b/data/jodatime/misuses/278/misuse.yml index 44f60eca6..3f9d37bd9 100644 --- a/data/jodatime/misuses/278/misuse.yml +++ b/data/jodatime/misuses/278/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestDuration_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/279/misuse.yml b/data/jodatime/misuses/279/misuse.yml index a5a695f40..a9c303246 100644 --- a/data/jodatime/misuses/279/misuse.yml +++ b/data/jodatime/misuses/279/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestHours.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/280/misuse.yml b/data/jodatime/misuses/280/misuse.yml index 0ba92e039..a203ca95b 100644 --- a/data/jodatime/misuses/280/misuse.yml +++ b/data/jodatime/misuses/280/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestInstant_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/281/misuse.yml b/data/jodatime/misuses/281/misuse.yml index 5dae67146..6011e7e78 100644 --- a/data/jodatime/misuses/281/misuse.yml +++ b/data/jodatime/misuses/281/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestInterval_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/282/misuse.yml b/data/jodatime/misuses/282/misuse.yml index 3bb509c5e..1f5927969 100644 --- a/data/jodatime/misuses/282/misuse.yml +++ b/data/jodatime/misuses/282/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestLocalDateTime_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/283/misuse.yml b/data/jodatime/misuses/283/misuse.yml index b13a738b3..cfb67064b 100644 --- a/data/jodatime/misuses/283/misuse.yml +++ b/data/jodatime/misuses/283/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestLocalDate_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/284/misuse.yml b/data/jodatime/misuses/284/misuse.yml index 814c3d2b1..53df33d67 100644 --- a/data/jodatime/misuses/284/misuse.yml +++ b/data/jodatime/misuses/284/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestLocalTime_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/285/misuse.yml b/data/jodatime/misuses/285/misuse.yml index ca460825c..c4881512a 100644 --- a/data/jodatime/misuses/285/misuse.yml +++ b/data/jodatime/misuses/285/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestMinutes.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/286/misuse.yml b/data/jodatime/misuses/286/misuse.yml index 5d37e99b8..dddaf857e 100644 --- a/data/jodatime/misuses/286/misuse.yml +++ b/data/jodatime/misuses/286/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestMonthDay_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/287/misuse.yml b/data/jodatime/misuses/287/misuse.yml index 8d71cc682..8e0ac3186 100644 --- a/data/jodatime/misuses/287/misuse.yml +++ b/data/jodatime/misuses/287/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestMonths.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/288/misuse.yml b/data/jodatime/misuses/288/misuse.yml index 5a3fba3fb..0b052f282 100644 --- a/data/jodatime/misuses/288/misuse.yml +++ b/data/jodatime/misuses/288/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestMutableDateTime_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/289/misuse.yml b/data/jodatime/misuses/289/misuse.yml index 3508b1826..f7b1b45cf 100644 --- a/data/jodatime/misuses/289/misuse.yml +++ b/data/jodatime/misuses/289/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestMutableInterval_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/290/misuse.yml b/data/jodatime/misuses/290/misuse.yml index e9bfe9d57..02a618574 100644 --- a/data/jodatime/misuses/290/misuse.yml +++ b/data/jodatime/misuses/290/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestMutablePeriod_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/291/misuse.yml b/data/jodatime/misuses/291/misuse.yml index 62deaf856..f4354d61f 100644 --- a/data/jodatime/misuses/291/misuse.yml +++ b/data/jodatime/misuses/291/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestPartial_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/292/misuse.yml b/data/jodatime/misuses/292/misuse.yml index 2fc2fb250..2bf45f095 100644 --- a/data/jodatime/misuses/292/misuse.yml +++ b/data/jodatime/misuses/292/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestPeriodType.java method: assertEqualsAfterSerialization(PeriodType) report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/293/misuse.yml b/data/jodatime/misuses/293/misuse.yml index 0419992c8..d32f99f94 100644 --- a/data/jodatime/misuses/293/misuse.yml +++ b/data/jodatime/misuses/293/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestPeriodType.java method: assertSameAfterSerialization(PeriodType) report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/294/misuse.yml b/data/jodatime/misuses/294/misuse.yml index 14b0ab684..f26033ee7 100644 --- a/data/jodatime/misuses/294/misuse.yml +++ b/data/jodatime/misuses/294/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestPeriod_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/295/misuse.yml b/data/jodatime/misuses/295/misuse.yml index 983c89ddc..af15a8eb6 100644 --- a/data/jodatime/misuses/295/misuse.yml +++ b/data/jodatime/misuses/295/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestSeconds.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/296/misuse.yml b/data/jodatime/misuses/296/misuse.yml index a9368a674..1bd0e34c2 100644 --- a/data/jodatime/misuses/296/misuse.yml +++ b/data/jodatime/misuses/296/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestTimeOfDay_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/297/misuse.yml b/data/jodatime/misuses/297/misuse.yml index d94296c95..ee7102352 100644 --- a/data/jodatime/misuses/297/misuse.yml +++ b/data/jodatime/misuses/297/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestWeeks.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/298/misuse.yml b/data/jodatime/misuses/298/misuse.yml index 1164cf8ae..89333f3dc 100644 --- a/data/jodatime/misuses/298/misuse.yml +++ b/data/jodatime/misuses/298/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestYearMonthDay_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/299/misuse.yml b/data/jodatime/misuses/299/misuse.yml index 867699d7c..d7fa1a369 100644 --- a/data/jodatime/misuses/299/misuse.yml +++ b/data/jodatime/misuses/299/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestYearMonth_Basics.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/300/misuse.yml b/data/jodatime/misuses/300/misuse.yml index 31e1382d6..99eb8e04d 100644 --- a/data/jodatime/misuses/300/misuse.yml +++ b/data/jodatime/misuses/300/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/TestYears.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/301/misuse.yml b/data/jodatime/misuses/301/misuse.yml index da68875d8..4bcc5bc02 100644 --- a/data/jodatime/misuses/301/misuse.yml +++ b/data/jodatime/misuses/301/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/field/TestMillisDurationField.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/302/misuse.yml b/data/jodatime/misuses/302/misuse.yml index d7cc2f2b6..5f8c0f29b 100644 --- a/data/jodatime/misuses/302/misuse.yml +++ b/data/jodatime/misuses/302/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/field/TestPreciseDurationField.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/303/misuse.yml b/data/jodatime/misuses/303/misuse.yml index 66fcfd779..01587fecf 100644 --- a/data/jodatime/misuses/303/misuse.yml +++ b/data/jodatime/misuses/303/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/field/TestScaledDurationField.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/304/misuse.yml b/data/jodatime/misuses/304/misuse.yml index 4d847783a..21fe71a3a 100644 --- a/data/jodatime/misuses/304/misuse.yml +++ b/data/jodatime/misuses/304/misuse.yml @@ -17,7 +17,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/0e82517a7f4a2e659143ce84ff1f4ea706e9a88c revision: 0e82517a7f4a2e659143ce84ff1f4ea706e9a88c internal: false -location: +locations: file: org/joda/time/tz/TestCachedDateTimeZone.java method: testSerialization() report: https://github.com/JodaOrg/joda-time/pull/339 diff --git a/data/jodatime/misuses/339/misuse.yml b/data/jodatime/misuses/339/misuse.yml index 248587bb5..893c18639 100644 --- a/data/jodatime/misuses/339/misuse.yml +++ b/data/jodatime/misuses/339/misuse.yml @@ -9,7 +9,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/60be421469dd85893978bfc645b41e94c63ba1b1 revision: 60be421469dd85893978bfc645b41e94c63ba1b1 internal: false -location: +locations: file: org/joda/time/tz/DateTimeZoneBuilder.java method: writeTo(String, OutputStream) report: https://github.com/JodaOrg/joda-time/pull/343 diff --git a/data/jodatime/misuses/361/misuse.yml b/data/jodatime/misuses/361/misuse.yml index f7a5c6c3b..abea46684 100644 --- a/data/jodatime/misuses/361/misuse.yml +++ b/data/jodatime/misuses/361/misuse.yml @@ -15,7 +15,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/f49c671d9926eb677490a76cc8317970e5be433c revision: f49c671d9926eb677490a76cc8317970e5be433c internal: false -location: +locations: file: org/joda/time/tz/ZoneInfoCompiler.java method: Rule(StringTokenizer) report: https://github.com/JodaOrg/joda-time/pull/319 diff --git a/data/jodatime/misuses/362/misuse.yml b/data/jodatime/misuses/362/misuse.yml index 61f1717f7..661c7e87f 100644 --- a/data/jodatime/misuses/362/misuse.yml +++ b/data/jodatime/misuses/362/misuse.yml @@ -15,7 +15,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/76fa43737656d859f0943f5326cf2b8565c4b032 revision: 76fa43737656d859f0943f5326cf2b8565c4b032 internal: false -location: +locations: file: org/joda/time/tz/ZoneInfoCompiler.java method: Zone(StringTokenizer) report: https://github.com/JodaOrg/joda-time/pull/333 diff --git a/data/jodatime/misuses/363/misuse.yml b/data/jodatime/misuses/363/misuse.yml index 1a10c275c..0ab8972a1 100644 --- a/data/jodatime/misuses/363/misuse.yml +++ b/data/jodatime/misuses/363/misuse.yml @@ -15,7 +15,7 @@ fix: commit: https://github.com/emopers/joda-time/commit/76fa43737656d859f0943f5326cf2b8565c4b032 revision: 76fa43737656d859f0943f5326cf2b8565c4b032 internal: false -location: +locations: file: org/joda/time/tz/ZoneInfoCompiler.java method: Zone(String, StringTokenizer) report: https://github.com/JodaOrg/joda-time/pull/333 diff --git a/data/jriecken-gae-java-mini-profiler/misuses/39/misuse.yml b/data/jriecken-gae-java-mini-profiler/misuses/39/misuse.yml index b452b3e9e..66c890e6b 100644 --- a/data/jriecken-gae-java-mini-profiler/misuses/39/misuse.yml +++ b/data/jriecken-gae-java-mini-profiler/misuses/39/misuse.yml @@ -13,7 +13,7 @@ fix: commit: https://github.com/emopers/gae-java-mini-profiler/commit/30be31776655f73487a59d443b30c7f7408f251b revision: 30be31776655f73487a59d443b30c7f7408f251b internal: false -location: +locations: file: com/google/appengine/tools/appstats/MiniProfilerAppstats.java method: getAppstatsDataFor(String, Integer) report: https://github.com/jriecken/gae-java-mini-profiler/pull/11 diff --git a/data/lnreadera/misuses/1/misuse.yml b/data/lnreadera/misuses/1/misuse.yml index c135dc500..77a0045fa 100644 --- a/data/lnreadera/misuses/1/misuse.yml +++ b/data/lnreadera/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > Overrides SherlockActivity.onDestroy(), but does not call the super method. Leads to exception with unreleased resources. -location: +locations: file: com/erakk/lnreader/activity/DisplayImageActivity.java method: onDestroy() fix: diff --git a/data/lnreadera/misuses/2/misuse.yml b/data/lnreadera/misuses/2/misuse.yml index c6caf02f9..d78176626 100644 --- a/data/lnreadera/misuses/2/misuse.yml +++ b/data/lnreadera/misuses/2/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > Overrides SherlockActivity.onDestroy(), but does not call the super method. Leads to exception with unreleased resources. -location: +locations: file: com/erakk/lnreader/activity/DisplayLightNovelContentActivity.java method: onDestroy() fix: diff --git a/data/logblock-logblock-2/misuses/15/misuse.yml b/data/logblock-logblock-2/misuses/15/misuse.yml index 1649108f1..ef9f6615a 100644 --- a/data/logblock-logblock-2/misuses/15/misuse.yml +++ b/data/logblock-logblock-2/misuses/15/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/LogBlock-2/commit/64c15f9d88df84837a9e5e294100aaeeb69c7123 revision: 64c15f9d88df84837a9e5e294100aaeeb69c7123 internal: false -location: +locations: file: org/logblock/entry/BlobTest.java method: paintingTest() report: https://github.com/LogBlock/LogBlock-2/pull/9 diff --git a/data/lucene/misuses/1/misuse.yml b/data/lucene/misuses/1/misuse.yml index 5780a5d1f..8786bc34c 100644 --- a/data/lucene/misuses/1/misuse.yml +++ b/data/lucene/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: false description: > RandomAccessFile.close() maybe skipped if previous call throws. -location: +locations: file: org/apache/lucene/store/FSDirectory.java method: close() fix: diff --git a/data/lucene/misuses/2/misuse.yml b/data/lucene/misuses/2/misuse.yml index 9768437fa..ec82ae43f 100644 --- a/data/lucene/misuses/2/misuse.yml +++ b/data/lucene/misuses/2/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > Should catch NoSuchElementException around SortedMap.firstKey() -location: +locations: file: org/apache/lucene/index/ParallelReader.java method: ParallelTermEnum() fix: diff --git a/data/lucene/misuses/3/misuse.yml b/data/lucene/misuses/3/misuse.yml index e85ab00a2..04f69352b 100644 --- a/data/lucene/misuses/3/misuse.yml +++ b/data/lucene/misuses/3/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Misses to check File.exists()/File.mkdirs() before calling File.createNewFile(). -location: +locations: file: org/apache/lucene/store/FSDirectory.java method: obtain() fix: diff --git a/data/lucene/misuses/4/misuse.yml b/data/lucene/misuses/4/misuse.yml index 1b22a5347..0825c0ebc 100644 --- a/data/lucene/misuses/4/misuse.yml +++ b/data/lucene/misuses/4/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > MultiFields.getDeletedDocs() may return null. -location: +locations: file: org/apache/lucene/benchmark/byTask/tasks/DeleteByPercentTask.java method: doLogic() fix: diff --git a/data/lucene/misuses/5/misuse.yml b/data/lucene/misuses/5/misuse.yml index 6244a133a..cd2609894 100644 --- a/data/lucene/misuses/5/misuse.yml +++ b/data/lucene/misuses/5/misuse.yml @@ -7,7 +7,7 @@ description: > Map.get() and Map.put() are called with different (types of) objects as key. There is another Map, for which the accidentially used key is the correct key. -location: +locations: file: org/apache/lucene/search/FieldCacheImpl.java method: "get(IndexReader, Object)" fix: diff --git a/data/lucene/misuses/mudetect-10/misuse.yml b/data/lucene/misuses/mudetect-10/misuse.yml index 72713ed81..3c0b02b9d 100644 --- a/data/lucene/misuses/mudetect-10/misuse.yml +++ b/data/lucene/misuses/mudetect-10/misuse.yml @@ -9,7 +9,7 @@ description: > line 4736 is skipped. Then `mergeDocStores` (line 4730) remains `false` and the branch accessing `segmentsSource.info(0)` at line 4790 is taken. Since `segmentsSource` is empty, this access causes an exception. -location: +locations: file: org/apache/lucene/index/IndexWriter.java method: "_mergeInit(OneMerge)" line: 4790 diff --git a/data/lucene/misuses/mudetect-5/misuse.yml b/data/lucene/misuses/mudetect-5/misuse.yml index 00d26948e..048495202 100644 --- a/data/lucene/misuses/mudetect-5/misuse.yml +++ b/data/lucene/misuses/mudetect-5/misuse.yml @@ -10,7 +10,7 @@ description: > apparently assumed to have as many elements. However, this is not ensured within the method. (Same finding as `mudetectxp-1`) -location: +locations: file: org/apache/lucene/search/BooleanQuery.java method: "explain(IndexReader, int)" line: 231 diff --git a/data/lucene/misuses/mudetect-9/misuse.yml b/data/lucene/misuses/mudetect-9/misuse.yml index 2cb04008b..aba8a94e8 100644 --- a/data/lucene/misuses/mudetect-9/misuse.yml +++ b/data/lucene/misuses/mudetect-9/misuse.yml @@ -10,7 +10,7 @@ description: > apparently assumed to have as many elements. However, this is not ensured within the method. (Same finding as `mudetectxp-2`) -location: +locations: file: org/apache/lucene/search/BooleanQuery.java method: "scorer(IndexReader, boolean, boolean)" line: 296 diff --git a/data/lucene/misuses/tikanga-0/misuse.yml b/data/lucene/misuses/tikanga-0/misuse.yml index f338fdd26..1283df111 100644 --- a/data/lucene/misuses/tikanga-0/misuse.yml +++ b/data/lucene/misuses/tikanga-0/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Iterator.next() is invoked without prior check of hasNext(). (Same finding as `mudetect-1` and `mudetectxp-0`) -location: +locations: file: org/apache/lucene/util/AttributeSource.java method: "computeCurrentState()" internal: false diff --git a/data/lucene/misuses/tikanga-1/misuse.yml b/data/lucene/misuses/tikanga-1/misuse.yml index c27b7266f..51870878d 100644 --- a/data/lucene/misuses/tikanga-1/misuse.yml +++ b/data/lucene/misuses/tikanga-1/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > In line 35, `SegmentInfos.info()` is called without prior check that there is at least one element in the `merge.segments` collection. -location: +locations: file: org/apache/lucene/index/MergeDocIDRemapper.java method: "MergeDocIDRemapper(SegmentInfos, int[][], int[], OneMerge, int)" line: 35 diff --git a/data/lucene/misuses/tikanga-1a/misuse.yml b/data/lucene/misuses/tikanga-1a/misuse.yml index 612f6278a..4b31d93d2 100644 --- a/data/lucene/misuses/tikanga-1a/misuse.yml +++ b/data/lucene/misuses/tikanga-1a/misuse.yml @@ -8,7 +8,7 @@ description: > In line 38, `SegmentInfos.info()` is called without prior check that there are sufficiently many elements in the `infos` collection. (Same finding as `tikanga-1` and `mubench-11`) -location: +locations: file: org/apache/lucene/index/MergeDocIDRemapper.java method: "MergeDocIDRemapper(SegmentInfos, int[][], int[], OneMerge, int)" line: 38 diff --git a/data/lucene/misuses/tikanga-1b/misuse.yml b/data/lucene/misuses/tikanga-1b/misuse.yml index b9ec707b7..08516062c 100644 --- a/data/lucene/misuses/tikanga-1b/misuse.yml +++ b/data/lucene/misuses/tikanga-1b/misuse.yml @@ -8,7 +8,7 @@ description: > In line 47, `SegmentInfos.info()` is called without prior check that there are sufficiently many elements in the `infos` collection. (Same finding as `tikanga-1` and `mudetect-8`) -location: +locations: file: org/apache/lucene/index/MergeDocIDRemapper.java method: "MergeDocIDRemapper(SegmentInfos, int[][], int[], OneMerge, int)" line: 47 diff --git a/data/lucene/misuses/tikanga-1c/misuse.yml b/data/lucene/misuses/tikanga-1c/misuse.yml index 22a11fa47..805a75b32 100644 --- a/data/lucene/misuses/tikanga-1c/misuse.yml +++ b/data/lucene/misuses/tikanga-1c/misuse.yml @@ -8,7 +8,7 @@ description: > In line 48, `SegmentInfos.info()` is called without prior check that there are sufficiently many elements in the `merge.segments` collection. This is the same problem as identified by `tikanga-1`. -location: +locations: file: org/apache/lucene/index/MergeDocIDRemapper.java method: "MergeDocIDRemapper(SegmentInfos, int[][], int[], OneMerge, int)" line: 48 diff --git a/data/lucene/misuses/tikanga-1d/misuse.yml b/data/lucene/misuses/tikanga-1d/misuse.yml index 96c88034e..0390d7f46 100644 --- a/data/lucene/misuses/tikanga-1d/misuse.yml +++ b/data/lucene/misuses/tikanga-1d/misuse.yml @@ -8,7 +8,7 @@ description: > In line 58, `SegmentInfos.info()` is called without prior check that there are sufficiently many elements in the `merge.segments` collection. (Same finding as `tikanga-1` and `mudetect-4` and `mudetectxp-6`) -location: +locations: file: org/apache/lucene/index/MergeDocIDRemapper.java method: "MergeDocIDRemapper(SegmentInfos, int[][], int[], OneMerge, int)" line: 58 diff --git a/data/minecraft-launcher/misuses/1/misuse.yml b/data/minecraft-launcher/misuses/1/misuse.yml index e4e0c67fe..b5932602f 100644 --- a/data/minecraft-launcher/misuses/1/misuse.yml +++ b/data/minecraft-launcher/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses PBEWithMD5AndDES which is considered unsafe. -location: +locations: file: net/minecraft/launcher/authentication/BaseAuthenticationService.java method: "getCipher(int, String)" internal: false diff --git a/data/mqtt/misuses/389/misuse.yml b/data/mqtt/misuses/389/misuse.yml index 237c750cc..93420c0af 100644 --- a/data/mqtt/misuses/389/misuse.yml +++ b/data/mqtt/misuses/389/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/paho.mqtt.java/commit/e91206c5865934d12e5133b14acde8d0adff0fe8 revision: e91206c5865934d12e5133b14acde8d0adff0fe8 internal: false -location: +locations: file: org/eclipse/paho/client/mqttv3/internal/wire/MqttSubscribe.java method: getPayload() report: https://github.com/eclipse/paho.mqtt.java/pull/3 diff --git a/data/mqtt/misuses/390/misuse.yml b/data/mqtt/misuses/390/misuse.yml index 4d9fd9f70..b8e133a7a 100644 --- a/data/mqtt/misuses/390/misuse.yml +++ b/data/mqtt/misuses/390/misuse.yml @@ -12,7 +12,7 @@ fix: commit: https://github.com/emopers/paho.mqtt.java/commit/e91206c5865934d12e5133b14acde8d0adff0fe8 revision: e91206c5865934d12e5133b14acde8d0adff0fe8 internal: false -location: +locations: file: org/eclipse/paho/client/mqttv3/internal/wire/MqttUnsubscribe.java method: getPayload() report: https://github.com/eclipse/paho.mqtt.java/pull/3 diff --git a/data/onosendai/misuses/1/misuse.yml b/data/onosendai/misuses/1/misuse.yml index 3a3cf420a..64534e4b7 100644 --- a/data/onosendai/misuses/1/misuse.yml +++ b/data/onosendai/misuses/1/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Registers an IntentFilter to an arbitrary context, rather than the application context. -location: +locations: file: com/vaguehope/onosendai/update/AlarmReceiver.java method: "onReceive(Context, Intent)" fix: diff --git a/data/openiab/misuses/1/misuse.yml b/data/openiab/misuses/1/misuse.yml index d7bf65697..9e7d1598f 100644 --- a/data/openiab/misuses/1/misuse.yml +++ b/data/openiab/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > Overrides UnityPlayerActivity.onDestroy(), but does not call the super method. Leads to exception with unreleased resources. -location: +locations: file: com/openiab/BillingActivity.java method: "onActivityResult(int, int, Intent)" fix: diff --git a/data/pawotag/misuses/1/misuse.yml b/data/pawotag/misuses/1/misuse.yml index df98632e5..792a02682 100644 --- a/data/pawotag/misuses/1/misuse.yml +++ b/data/pawotag/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > Passes zero-bytes array to Cipher.doFinal(). (Problem specific to IBM JVM 6) -location: +locations: file: net/sourceforge/stripes/util/CryptoUtil.java method: encrypt(String) fix: diff --git a/data/progin5/misuses/1/misuse.yml b/data/progin5/misuses/1/misuse.yml index cf195a750..fbc897dd3 100644 --- a/data/progin5/misuses/1/misuse.yml +++ b/data/progin5/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: description: > Uses AES with default mode and padding. Since these values might chance per crypto provider this is considered a bad practice. -location: +locations: file: encryption/RSA.java method: "encrypt(String, PublicKey)" internal: true diff --git a/data/property-management-76260865/misuses/1/misuse.yml b/data/property-management-76260865/misuses/1/misuse.yml index c78075a97..cf04df9b5 100644 --- a/data/property-management-76260865/misuses/1/misuse.yml +++ b/data/property-management-76260865/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DES which is considered unsafe. -location: +locations: file: com/jason/property/encrypte/DesEncrypter.java method: "enCrypto(String, String)" internal: false diff --git a/data/red5-server/misuses/1/misuse.yml b/data/red5-server/misuses/1/misuse.yml index f91b62880..8b6c104f9 100644 --- a/data/red5-server/misuses/1/misuse.yml +++ b/data/red5-server/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - redundant/call description: > May call Mac.init(...) multiple times on the same instance -location: +locations: file: com/jason/property/encrypte/DesEncrypter.java method: "calculateHMAC_SHA256(byte[], byte[])" internal: false diff --git a/data/rhino/misuses/1/misuse.yml b/data/rhino/misuses/1/misuse.yml index 770a3ca8e..df51292fe 100644 --- a/data/rhino/misuses/1/misuse.yml +++ b/data/rhino/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > IRFactory.initFunction() is called twice along one possible execution path, which causes an infinite loop. -location: +locations: file: org/mozilla/javascript/Parser.java method: function(int) fix: diff --git a/data/saavn/misuses/1/misuse.yml b/data/saavn/misuses/1/misuse.yml index 5b8eb76a3..c23bd9b24 100644 --- a/data/saavn/misuses/1/misuse.yml +++ b/data/saavn/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DES which is considered unsafe. -location: +locations: file: SaavnFileRunner.java method: "decryptPlay(String)" internal: false diff --git a/data/saavn/misuses/2/misuse.yml b/data/saavn/misuses/2/misuse.yml index c8ffd2968..502ca9042 100644 --- a/data/saavn/misuses/2/misuse.yml +++ b/data/saavn/misuses/2/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses static key. -location: +locations: file: SaavnFileRunner.java method: "decryptPlay(String)" internal: false diff --git a/data/screen-notifications/misuses/1/misuse.yml b/data/screen-notifications/misuses/1/misuse.yml index c49f384b1..561232f7c 100644 --- a/data/screen-notifications/misuses/1/misuse.yml +++ b/data/screen-notifications/misuses/1/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > On some platforms AppInfo.loadIcon() may throw an OutOfMemoryError. StackOverflow: http://stackoverflow.com/questions/20415367/android-async-loadicon-outofmemoryerror -location: +locations: file: com/lukekorth/screennotifications/AppsActivity.java method: loadInBackground(int) fix: diff --git a/data/secure-tcp/misuses/1/misuse.yml b/data/secure-tcp/misuses/1/misuse.yml index 9b0e9772e..cc9fa2703 100644 --- a/data/secure-tcp/misuses/1/misuse.yml +++ b/data/secure-tcp/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DSA with defaults which is considered a bad practice. -location: +locations: file: org/network/stcp/server/SecureConnectionHandler.java method: "run()" internal: false diff --git a/data/synthetic_directives/misuses/alreadyondte/misuse.yml b/data/synthetic_directives/misuses/alreadyondte/misuse.yml index 67de7d595..ba84f09f3 100644 --- a/data/synthetic_directives/misuses/alreadyondte/misuse.yml +++ b/data/synthetic_directives/misuses/alreadyondte/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > Dispatches work on a UI element to the DTE, while the current execution context is already the DTE. -location: +locations: file: mubench/examples/directives/AlreadyOnDTE.java method: misuse() fix: diff --git a/data/synthetic_directives/misuses/callondte/misuse.yml b/data/synthetic_directives/misuses/callondte/misuse.yml index 651458f37..b4b698cb2 100644 --- a/data/synthetic_directives/misuses/callondte/misuse.yml +++ b/data/synthetic_directives/misuses/callondte/misuse.yml @@ -5,7 +5,7 @@ violations: crash: false description: > Creates swing UI component on the main thread. -location: +locations: file: mubench/examples/directives/CallOnDTE.java method: main(String[]) fix: diff --git a/data/synthetic_directives/misuses/deadlock/misuse.yml b/data/synthetic_directives/misuses/deadlock/misuse.yml index b13786e9d..a4bef19d1 100644 --- a/data/synthetic_directives/misuses/deadlock/misuse.yml +++ b/data/synthetic_directives/misuses/deadlock/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > Synchronizes on an object and then again on the same object within the synchroized bock, thereby, producing a deadlock. -location: +locations: file: mubench/examples/directives/Deadlock.java method: misuse(Object) fix: diff --git a/data/synthetic_directives/misuses/latenullcheck/misuse.yml b/data/synthetic_directives/misuses/latenullcheck/misuse.yml index 69199e4c5..7637123b6 100644 --- a/data/synthetic_directives/misuses/latenullcheck/misuse.yml +++ b/data/synthetic_directives/misuses/latenullcheck/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Calls a method on an object and later checks it for null. -location: +locations: file: mubench/examples/directives/LateNullCheck.java method: "misuse(Object)" fix: diff --git a/data/synthetic_directives/misuses/maybenull/misuse.yml b/data/synthetic_directives/misuses/maybenull/misuse.yml index 10e57e47d..01491ddcd 100644 --- a/data/synthetic_directives/misuses/maybenull/misuse.yml +++ b/data/synthetic_directives/misuses/maybenull/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Checks that an object is null before calling a method on it. -location: +locations: file: mubench/examples/directives/MayBeNull.java method: "misuse(Object)" fix: diff --git a/data/synthetic_directives/misuses/repetitive/misuse.yml b/data/synthetic_directives/misuses/repetitive/misuse.yml index 1ed16550a..037168dd3 100644 --- a/data/synthetic_directives/misuses/repetitive/misuse.yml +++ b/data/synthetic_directives/misuses/repetitive/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > Loops over a collection, only to ensure it is not empty (every subsequent iteration performs the exact same computation). -location: +locations: file: mubench/examples/directives/Repetitive.java method: "misuse(Collection)" fix: diff --git a/data/synthetic_directives/misuses/supresserror/misuse.yml b/data/synthetic_directives/misuses/supresserror/misuse.yml index bb87f36e4..08fbc7f5e 100644 --- a/data/synthetic_directives/misuses/supresserror/misuse.yml +++ b/data/synthetic_directives/misuses/supresserror/misuse.yml @@ -5,7 +5,7 @@ violations: crash: false description: > Catches Throwable, which might supress Errors, like OutOfMemory, TheadDeath, ... -location: +locations: file: mubench/examples/directives/SupressError.java method: "misuse(Target)" fix: diff --git a/data/synthetic_directives/misuses/toorestrictive/misuse.yml b/data/synthetic_directives/misuses/toorestrictive/misuse.yml index ae7d5cb37..fd7accc19 100644 --- a/data/synthetic_directives/misuses/toorestrictive/misuse.yml +++ b/data/synthetic_directives/misuses/toorestrictive/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > Iterates until i < l.size(), but starts at i = 1. Therefore, skips the last element. -location: +locations: file: mubench/examples/directives/TooRestrictive.java method: "misuse(List)" fix: diff --git a/data/synthetic_directives/misuses/unsynchronized/misuse.yml b/data/synthetic_directives/misuses/unsynchronized/misuse.yml index 647eea877..1191ae968 100644 --- a/data/synthetic_directives/misuses/unsynchronized/misuse.yml +++ b/data/synthetic_directives/misuses/unsynchronized/misuse.yml @@ -5,7 +5,7 @@ violations: crash: false description: > Updates a HashMap concurrently without ensuring synchonziation. -location: +locations: file: mubench/examples/directives/Unsynchronized.java method: onEvent(String, String) fix: diff --git a/data/synthetic_directives/misuses/wait-loop/misuse.yml b/data/synthetic_directives/misuses/wait-loop/misuse.yml index 8f2edfd06..2a70de205 100644 --- a/data/synthetic_directives/misuses/wait-loop/misuse.yml +++ b/data/synthetic_directives/misuses/wait-loop/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > Object.wait() should be called in a loop that iteratively checks the condition waited for. -location: +locations: file: mubench/examples/directives/WaitWithoutLoop.java method: misuse(Target) fix: diff --git a/data/synthetic_java8-misuses/misuses/optional-map-unchecked-get/misuse.yml b/data/synthetic_java8-misuses/misuses/optional-map-unchecked-get/misuse.yml index 32dea539a..fb03deca5 100644 --- a/data/synthetic_java8-misuses/misuses/optional-map-unchecked-get/misuse.yml +++ b/data/synthetic_java8-misuses/misuses/optional-map-unchecked-get/misuse.yml @@ -9,7 +9,7 @@ description: > `Optional.map()`, which may cause a `NullPointerException`. Safe way is to use `flatMap` instead, which takes care of potential `null` values. -location: +locations: file: com/xpinjection/java8/misused/optional/HundredAndOneApproach.java method: getPersonCarInsuranceName(Person) internal: false diff --git a/data/synthetic_java8-misuses/misuses/stream-closed/misuse.yml b/data/synthetic_java8-misuses/misuses/stream-closed/misuse.yml index a5ceecc6a..59ce19a8e 100644 --- a/data/synthetic_java8-misuses/misuses/stream-closed/misuse.yml +++ b/data/synthetic_java8-misuses/misuses/stream-closed/misuse.yml @@ -7,7 +7,7 @@ description: > Invokes a second terminal operation on a stream, which causes an "`IllegalStateException`: stream has already been operated upon or closed". Remove the second terminal operation to prevent this. -location: +locations: file: com/xpinjection/java8/misused/stream/incorrect/UseStreamMoreThanOnce.java method: streamIsClosedAfterTerminalOperation() internal: false diff --git a/data/synthetic_java8-misuses/misuses/stream-infinite/misuse.yml b/data/synthetic_java8-misuses/misuses/stream-infinite/misuse.yml index 2a3637f5b..f327af374 100644 --- a/data/synthetic_java8-misuses/misuses/stream-infinite/misuse.yml +++ b/data/synthetic_java8-misuses/misuses/stream-infinite/misuse.yml @@ -7,7 +7,7 @@ description: > Uses a stream generator without limiting the number of elements, such that processing of the stream will run forever. Limit the number of elements to a finite number to prevent this. -location: +locations: file: com/xpinjection/java8/misused/stream/incorrect/InfiniteStreams.java method: infinite() internal: false diff --git a/data/synthetic_java8-misuses/misuses/stream-infinite2/misuse.yml b/data/synthetic_java8-misuses/misuses/stream-infinite2/misuse.yml index 2a3637f5b..f327af374 100644 --- a/data/synthetic_java8-misuses/misuses/stream-infinite2/misuse.yml +++ b/data/synthetic_java8-misuses/misuses/stream-infinite2/misuse.yml @@ -7,7 +7,7 @@ description: > Uses a stream generator without limiting the number of elements, such that processing of the stream will run forever. Limit the number of elements to a finite number to prevent this. -location: +locations: file: com/xpinjection/java8/misused/stream/incorrect/InfiniteStreams.java method: infinite() internal: false diff --git a/data/synthetic_java8-misuses/misuses/stream-without-terminal/misuse.yml b/data/synthetic_java8-misuses/misuses/stream-without-terminal/misuse.yml index 15da3c19f..3b8265c33 100644 --- a/data/synthetic_java8-misuses/misuses/stream-without-terminal/misuse.yml +++ b/data/synthetic_java8-misuses/misuses/stream-without-terminal/misuse.yml @@ -8,7 +8,7 @@ description: > Invokes stream operations without a terminal action that causes the operations to actually be performed. Add a terminal operation to trigger execution or replace last operation by a terminal one. -location: +locations: file: com/xpinjection/java8/misused/stream/incorrect/ForgotTerminalOperation.java method: willDoNothingInReality() internal: false diff --git a/data/synthetic_jca/misuses/aes-ecb-mode/misuse.yml b/data/synthetic_jca/misuses/aes-ecb-mode/misuse.yml index 2a64f2e5f..c7c1faef9 100644 --- a/data/synthetic_jca/misuses/aes-ecb-mode/misuse.yml +++ b/data/synthetic_jca/misuses/aes-ecb-mode/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > Using "AES" in Cipher.getInstance defaults to "AES/EBC/PKCS5Padding". The mode "EBC" is unsafe, hence the default "AES" should not be used. -location: +locations: file: mubench/examples/jca/Encrypting.java method: encrypt(byte[], byte[]) fix: diff --git a/data/synthetic_jca/misuses/loop-init/misuse.yml b/data/synthetic_jca/misuses/loop-init/misuse.yml index 2a788bfaa..80bfe425e 100644 --- a/data/synthetic_jca/misuses/loop-init/misuse.yml +++ b/data/synthetic_jca/misuses/loop-init/misuse.yml @@ -9,7 +9,7 @@ description: > tasks---which is fine---, but it is also reinitialized with each iteration. `Cipher` does not support reinitialization and, hence, this may lead to erroneous encryption. -location: +locations: file: mubench/examples/jca/ReinitializingCipher.java method: "misuse(BufferedReader, Key)" fix: diff --git a/data/synthetic_jca/misuses/static-key/misuse.yml b/data/synthetic_jca/misuses/static-key/misuse.yml index 2f2e0ef25..c1786fe3d 100644 --- a/data/synthetic_jca/misuses/static-key/misuse.yml +++ b/data/synthetic_jca/misuses/static-key/misuse.yml @@ -5,7 +5,7 @@ violations: crash: false description: > The key used is defined statically in the code. -location: +locations: file: mubench/examples/jca/Encrypting.java method: encryptWithKey(byte[]) fix: diff --git a/data/synthetic_survey/misuses/androidactivity-1/misuse.yml b/data/synthetic_survey/misuses/androidactivity-1/misuse.yml index 9a1b37c92..2882156ac 100644 --- a/data/synthetic_survey/misuses/androidactivity-1/misuse.yml +++ b/data/synthetic_survey/misuses/androidactivity-1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > Fails to find view by id in onCreate(). -location: +locations: file: mubench/examples/survey/ActivityDontDelegateCreate.java method: onCreate(Bundle) fix: diff --git a/data/synthetic_survey/misuses/androidactivity-2/misuse.yml b/data/synthetic_survey/misuses/androidactivity-2/misuse.yml index 9b6fd9262..ad040c6df 100644 --- a/data/synthetic_survey/misuses/androidactivity-2/misuse.yml +++ b/data/synthetic_survey/misuses/androidactivity-2/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Fails to set content view on onCreate(). -location: +locations: file: mubench/examples/survey/ActivityDelegateCreateTooLate.java method: onCreate(Bundle) fix: diff --git a/data/synthetic_survey/misuses/arrayaccess/misuse.yml b/data/synthetic_survey/misuses/arrayaccess/misuse.yml index 85e3526b8..0b64909bd 100644 --- a/data/synthetic_survey/misuses/arrayaccess/misuse.yml +++ b/data/synthetic_survey/misuses/arrayaccess/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Misses to check the array's size before accessing the array. -location: +locations: file: mubench/examples/survey/ArrayAccess.java method: misuse(int[], int) internal: false diff --git a/data/synthetic_survey/misuses/close-1/misuse.yml b/data/synthetic_survey/misuses/close-1/misuse.yml index 4ead9ec0b..c7b2e5d41 100644 --- a/data/synthetic_survey/misuses/close-1/misuse.yml +++ b/data/synthetic_survey/misuses/close-1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: false description: > Misses to call Closeable.close(). -location: +locations: file: mubench/examples/survey/Close.java method: missingClose(File) fix: diff --git a/data/synthetic_survey/misuses/close-2/misuse.yml b/data/synthetic_survey/misuses/close-2/misuse.yml index 8fb6320f1..0fa7c05e0 100644 --- a/data/synthetic_survey/misuses/close-2/misuse.yml +++ b/data/synthetic_survey/misuses/close-2/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > Calls Closeable.close() outside of finally block, which might fail to close the resource in case of an exception. -location: +locations: file: mubench/examples/survey/Close.java method: missingFinally(File) fix: diff --git a/data/synthetic_survey/misuses/cme/misuse.yml b/data/synthetic_survey/misuses/cme/misuse.yml index ee0c79d7c..685637cee 100644 --- a/data/synthetic_survey/misuses/cme/misuse.yml +++ b/data/synthetic_survey/misuses/cme/misuse.yml @@ -9,7 +9,7 @@ description: > to use the Iterator afterwards. Often happens with foreach loops. http://www.st.informatik.tu-darmstadt.de/artifacts/stackoverflow-cme-study/ -location: +locations: file: mubench/examples/survey/CME.java method: misuse(Collection) fix: diff --git a/data/synthetic_survey/misuses/fisexists/misuse.yml b/data/synthetic_survey/misuses/fisexists/misuse.yml index e38628dae..873d37323 100644 --- a/data/synthetic_survey/misuses/fisexists/misuse.yml +++ b/data/synthetic_survey/misuses/fisexists/misuse.yml @@ -7,7 +7,7 @@ violations: crash: true description: > Open a FileInputStream on a non-existing file throws. -location: +locations: file: mubench/examples/survey/FISExists.java method: misuse(File) fix: diff --git a/data/synthetic_survey/misuses/flip-1/misuse.yml b/data/synthetic_survey/misuses/flip-1/misuse.yml index b7a350b0d..000abfae4 100644 --- a/data/synthetic_survey/misuses/flip-1/misuse.yml +++ b/data/synthetic_survey/misuses/flip-1/misuse.yml @@ -8,7 +8,7 @@ description: > the buffer (or vice versa). There''s many ways to read/write buffer, some of which fail if flip() is missing, while others just do nothing. StackOverflow: http://stackoverflow.com/questions/10166011/how-to-use-java-nio-channels-filechannel-to-write-a-byte-to-a-file-basics/10166055 -location: +locations: file: mubench/examples/survey/ByteBufferFlip.java method: needsFlipToReadWhatWasWritten(ByteBuffer, byte[]) fix: diff --git a/data/synthetic_survey/misuses/flip-2/misuse.yml b/data/synthetic_survey/misuses/flip-2/misuse.yml index b5e7d1138..bad3448e2 100644 --- a/data/synthetic_survey/misuses/flip-2/misuse.yml +++ b/data/synthetic_survey/misuses/flip-2/misuse.yml @@ -8,7 +8,7 @@ description: > the buffer (or vice versa). There''s many ways to read/write buffer, some of which fail if flip() is missing, while others just do nothing. StackOverflow: http://stackoverflow.com/questions/10166011/how-to-use-java-nio-channels-filechannel-to-write-a-byte-to-a-file-basics/10166055 -location: +locations: file: mubench/examples/survey/ByteBufferFlip.java method: "needsFlipToCopyWhatWasWritten(byte[])" fix: diff --git a/data/synthetic_survey/misuses/flush/misuse.yml b/data/synthetic_survey/misuses/flush/misuse.yml index 7387fe8cb..9fa081929 100644 --- a/data/synthetic_survey/misuses/flush/misuse.yml +++ b/data/synthetic_survey/misuses/flush/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > Misses to flush FileChannel, such that the contents have not been written before the next attempt to read from the underlying resource. -location: +locations: file: mubench/examples/survey/ChannelFlush.java method: needsFlushToEnsureWrite(ByteBuffer) fix: diff --git a/data/synthetic_survey/misuses/hasnext/misuse.yml b/data/synthetic_survey/misuses/hasnext/misuse.yml index 591320297..ce9c78aff 100644 --- a/data/synthetic_survey/misuses/hasnext/misuse.yml +++ b/data/synthetic_survey/misuses/hasnext/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Misses to check that there is another element before calling Iterator.next(). -location: +locations: file: mubench/examples/survey/OnlyNext.java method: misuse(Collection) fix: diff --git a/data/synthetic_survey/misuses/listget/misuse.yml b/data/synthetic_survey/misuses/listget/misuse.yml index 010f1105b..a5d42a991 100644 --- a/data/synthetic_survey/misuses/listget/misuse.yml +++ b/data/synthetic_survey/misuses/listget/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Call List.get() without checking if the index is valid. -location: +locations: file: mubench/examples/survey/ListGet.java method: "misuse(List, int)" fix: diff --git a/data/synthetic_survey/misuses/mapkeynull/misuse.yml b/data/synthetic_survey/misuses/mapkeynull/misuse.yml index fb79e380d..95d69fbf0 100644 --- a/data/synthetic_survey/misuses/mapkeynull/misuse.yml +++ b/data/synthetic_survey/misuses/mapkeynull/misuse.yml @@ -6,7 +6,7 @@ crash: true description: > HashMap.get() throws if the key is null. Since you don't know which implementation of Map you get, you should always guard against this. -location: +locations: file: mubench/examples/survey/Maps.java method: "keyMayBeNull(HashMap, String)" fix: diff --git a/data/synthetic_survey/misuses/mapnull/misuse.yml b/data/synthetic_survey/misuses/mapnull/misuse.yml index 696e0242d..13f68b1a3 100644 --- a/data/synthetic_survey/misuses/mapnull/misuse.yml +++ b/data/synthetic_survey/misuses/mapnull/misuse.yml @@ -7,7 +7,7 @@ crash: false description: > Checks the return value of Map.put() to check whether the key was set before. If the Map allows null values, this usage breaks. -location: +locations: file: mubench/examples/survey/Maps.java method: "mapMayContainNull(Map)" fix: diff --git a/data/synthetic_survey/misuses/nofile/misuse.yml b/data/synthetic_survey/misuses/nofile/misuse.yml index 6daec351a..6a38ce3ff 100644 --- a/data/synthetic_survey/misuses/nofile/misuse.yml +++ b/data/synthetic_survey/misuses/nofile/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Tries to write to a file that may not exist. -location: +locations: file: mubench/examples/survey/NoFile.java method: "misuse(Path, byte[])" fix: diff --git a/data/synthetic_survey/misuses/pack-1/misuse.yml b/data/synthetic_survey/misuses/pack-1/misuse.yml index 47ea49cfa..6bfedc278 100644 --- a/data/synthetic_survey/misuses/pack-1/misuse.yml +++ b/data/synthetic_survey/misuses/pack-1/misuse.yml @@ -8,7 +8,7 @@ description: > Calls JFrame.setVisible(true) before JFrame.pack(). This may lead to undesired effects, such as the window being moved to the default plattform location. -location: +locations: file: mubench/examples/survey/JFramePack.java method: "packAfterShowHasNoEffect(JFrame)" fix: diff --git a/data/synthetic_survey/misuses/pack-2/misuse.yml b/data/synthetic_survey/misuses/pack-2/misuse.yml index 79cb6d761..ece1cd3f7 100644 --- a/data/synthetic_survey/misuses/pack-2/misuse.yml +++ b/data/synthetic_survey/misuses/pack-2/misuse.yml @@ -6,7 +6,7 @@ crash: false description: > Calls JFrame.setVisible(true) without calling JFrame.pack(), such that the frame is not layouted before being shown. -location: +locations: file: mubench/examples/survey/JFramePack.java method: "needsPackToLayout(JFrame)" fix: diff --git a/data/synthetic_survey/misuses/setfirst/misuse.yml b/data/synthetic_survey/misuses/setfirst/misuse.yml index da0381b7b..be786fd42 100644 --- a/data/synthetic_survey/misuses/setfirst/misuse.yml +++ b/data/synthetic_survey/misuses/setfirst/misuse.yml @@ -8,7 +8,7 @@ crash: true description: > To get one (arbitrary) value from a set you can call Set.iterator().next(), but this throws if the set is empty. -location: +locations: file: mubench/examples/survey/SetFirst.java method: misuse(Set) fix: diff --git a/data/tap-apps/misuses/1/misuse.yml b/data/tap-apps/misuses/1/misuse.yml index 667e8d516..0c4c567c7 100644 --- a/data/tap-apps/misuses/1/misuse.yml +++ b/data/tap-apps/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: false description: > Requests Cipher "Blowfish", which returns unsafe default configuration. -location: +locations: file: org/jSyncManager/Conduit/NSMobileMessenger/NSMobileMessenger.java method: "writeMessageToServer(String, String, String, MessageRecord, HashMap, String, MessageOwnerRecord, String)" fix: diff --git a/data/tbuktu-ntru/misuses/473/misuse.yml b/data/tbuktu-ntru/misuses/473/misuse.yml index ada00b9b9..8ab560468 100644 --- a/data/tbuktu-ntru/misuses/473/misuse.yml +++ b/data/tbuktu-ntru/misuses/473/misuse.yml @@ -14,7 +14,7 @@ fix: commit: https://github.com/emopers/ntru/commit/4fd7cb8b4bb97dbf7be98e2fa55f36f5028807d2 revision: 4fd7cb8b4bb97dbf7be98e2fa55f36f5028807d2 internal: false -location: +locations: file: net/sf/ntru/encrypt/EncryptionParameters.java method: writeTo(OutputStream) report: https://github.com/tbuktu/ntru/pull/4 diff --git a/data/tbuktu-ntru/misuses/474/misuse.yml b/data/tbuktu-ntru/misuses/474/misuse.yml index 73a064d90..3c0dea925 100644 --- a/data/tbuktu-ntru/misuses/474/misuse.yml +++ b/data/tbuktu-ntru/misuses/474/misuse.yml @@ -14,7 +14,7 @@ fix: commit: https://github.com/emopers/ntru/commit/4fd7cb8b4bb97dbf7be98e2fa55f36f5028807d2 revision: 4fd7cb8b4bb97dbf7be98e2fa55f36f5028807d2 internal: false -location: +locations: file: net/sf/ntru/sign/SignatureParameters.java method: writeTo(OutputStream) report: https://github.com/tbuktu/ntru/pull/4 diff --git a/data/tbuktu-ntru/misuses/475/misuse.yml b/data/tbuktu-ntru/misuses/475/misuse.yml index 24ef9107a..7e7f9a2bb 100644 --- a/data/tbuktu-ntru/misuses/475/misuse.yml +++ b/data/tbuktu-ntru/misuses/475/misuse.yml @@ -14,7 +14,7 @@ fix: commit: https://github.com/emopers/ntru/commit/4fd7cb8b4bb97dbf7be98e2fa55f36f5028807d2 revision: 4fd7cb8b4bb97dbf7be98e2fa55f36f5028807d2 internal: false -location: +locations: file: net/sf/ntru/sign/SignaturePrivateKey.java method: getEncoded() report: https://github.com/tbuktu/ntru/pull/4 diff --git a/data/tbuktu-ntru/misuses/476/misuse.yml b/data/tbuktu-ntru/misuses/476/misuse.yml index faeaa820d..2357e7680 100644 --- a/data/tbuktu-ntru/misuses/476/misuse.yml +++ b/data/tbuktu-ntru/misuses/476/misuse.yml @@ -14,7 +14,7 @@ fix: commit: https://github.com/emopers/ntru/commit/4fd7cb8b4bb97dbf7be98e2fa55f36f5028807d2 revision: 4fd7cb8b4bb97dbf7be98e2fa55f36f5028807d2 internal: false -location: +locations: file: net/sf/ntru/sign/SignaturePublicKey.java method: getEncoded() report: https://github.com/tbuktu/ntru/pull/4 diff --git a/data/technic-launcher-sp/misuses/1/misuse.yml b/data/technic-launcher-sp/misuses/1/misuse.yml index 4ae401d4a..fbd8f03ff 100644 --- a/data/technic-launcher-sp/misuses/1/misuse.yml +++ b/data/technic-launcher-sp/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DES which is considered unsafe. -location: +locations: file: org/spoutcraft/launcher/skin/LoginFrame.java method: "getCipher(int, String)" internal: false diff --git a/data/testng/misuses/16/misuse.yml b/data/testng/misuses/16/misuse.yml index a94f249c2..99b93cb61 100644 --- a/data/testng/misuses/16/misuse.yml +++ b/data/testng/misuses/16/misuse.yml @@ -13,7 +13,7 @@ fix: commit: https://github.com/cbeust/testng/commit/d6dfce36c68c295da6760ff1abd7eb0a91982a4f revision: d6dfce36c68c295da6760ff1abd7eb0a91982a4f internal: false -location: +locations: file: org/testng/reporters/jq/ChronologicalPanel.java method: "getContent(ISuite, XMLStringBuffer)" report: https://github.com/cbeust/testng/pull/928 diff --git a/data/testng/misuses/17/misuse.yml b/data/testng/misuses/17/misuse.yml index 2d56bb430..856606e10 100644 --- a/data/testng/misuses/17/misuse.yml +++ b/data/testng/misuses/17/misuse.yml @@ -14,7 +14,7 @@ fix: commit: https://github.com/cbeust/testng/commit/eaf38e591a4418dbcee671f7d16f5836931a6ca5 revision: eaf38e591a4418dbcee671f7d16f5836931a6ca5 internal: false -location: +locations: file: org/testng/reporters/JUnitXMLReporter.java method: generateReport(ITestContext) report: https://github.com/cbeust/testng/pull/830 diff --git a/data/testng/misuses/18/misuse.yml b/data/testng/misuses/18/misuse.yml index e6ca7af48..f0b96e735 100644 --- a/data/testng/misuses/18/misuse.yml +++ b/data/testng/misuses/18/misuse.yml @@ -14,7 +14,7 @@ fix: commit: https://github.com/cbeust/testng/commit/eaf38e591a4418dbcee671f7d16f5836931a6ca5 revision: eaf38e591a4418dbcee671f7d16f5836931a6ca5 internal: false -location: +locations: file: org/testng/reporters/JUnitXMLReporter.java method: generateReport(ITestContext) report: https://github.com/cbeust/testng/pull/830 diff --git a/data/testng/misuses/21/misuse.yml b/data/testng/misuses/21/misuse.yml index 398c082e1..dcb9f0c56 100644 --- a/data/testng/misuses/21/misuse.yml +++ b/data/testng/misuses/21/misuse.yml @@ -13,7 +13,7 @@ fix: commit: https://github.com/cbeust/testng/commit/cd807910fcc3a0eb646834bad911a549259be9d2 revision: cd807910fcc3a0eb646834bad911a549259be9d2 internal: false -location: +locations: file: org/testng/reporters/jq/Model.java method: init() report: https://github.com/cbeust/testng/pull/929 diff --git a/data/testng/misuses/22/misuse.yml b/data/testng/misuses/22/misuse.yml index 99fc03e45..bb43739e3 100644 --- a/data/testng/misuses/22/misuse.yml +++ b/data/testng/misuses/22/misuse.yml @@ -13,7 +13,7 @@ fix: commit: https://github.com/cbeust/testng/commit/677302cb8b5a2507df97c5822eef3a03ebc4e23a revision: 677302cb8b5a2507df97c5822eef3a03ebc4e23a internal: false -location: +locations: file: org/testng/reporters/XMLReporter.java method: getSuiteAttributes(ISuite) report: https://github.com/cbeust/testng/pull/930 diff --git a/data/testng/misuses/dmmc-0/misuse.yml b/data/testng/misuses/dmmc-0/misuse.yml index 0e9862edc..4b5b0c428 100644 --- a/data/testng/misuses/dmmc-0/misuse.yml +++ b/data/testng/misuses/dmmc-0/misuse.yml @@ -6,7 +6,7 @@ crash: false description: | In line 70, a `StringBuilder` is created, but the instance is not used. internal: false -location: +locations: file: org/testng/mustache/Model.java method: resolveValueToString(String) line: 70 diff --git a/data/testng/misuses/dmmc-4/misuse.yml b/data/testng/misuses/dmmc-4/misuse.yml index 909c54139..f340d26d2 100644 --- a/data/testng/misuses/dmmc-4/misuse.yml +++ b/data/testng/misuses/dmmc-4/misuse.yml @@ -10,7 +10,7 @@ description: | be `null`, empty, or contain exactly one element. (Same as finding as `tikanga-0` and `mudetect-0` and `mudetectxp-0`) internal: false -location: +locations: file: org/testng/xml/SuiteGenerator.java method: createCustomizedSuite(String, Collection, Collection, Collection, Collection, Map, String, int) line: 69 diff --git a/data/testng/misuses/grouminer-17/misuse.yml b/data/testng/misuses/grouminer-17/misuse.yml index 0e80d3a2a..c31b732b7 100644 --- a/data/testng/misuses/grouminer-17/misuse.yml +++ b/data/testng/misuses/grouminer-17/misuse.yml @@ -10,7 +10,7 @@ description: | on `pop()`. (Same finding as `mudetect-11`) internal: true -location: +locations: file: org/testng/reporters/jq/ChronologicalPanel.java method: getContent(ISuite, XMLStringBuffer) line: 71 diff --git a/data/testng/misuses/grouminer-4/misuse.yml b/data/testng/misuses/grouminer-4/misuse.yml index 2da53548d..ac3ebabdf 100644 --- a/data/testng/misuses/grouminer-4/misuse.yml +++ b/data/testng/misuses/grouminer-4/misuse.yml @@ -8,7 +8,7 @@ description: | pushed ("suite-content"). This tag is never poped, which results in a missing closing tag in the XML retrieved via `toXML()` in line 119. internal: true -location: +locations: file: org/testng/reporters/JqReporter.java method: generateSuites(List, List, XMLStringBuffer) line: 55 diff --git a/data/thebluealliancea/misuses/1/misuse.yml b/data/thebluealliancea/misuses/1/misuse.yml index 24a41c204..97edc2877 100644 --- a/data/thebluealliancea/misuses/1/misuse.yml +++ b/data/thebluealliancea/misuses/1/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Call JsonElement.getAsString() on JsonNullElement. -location: +locations: file: com/thebluealliance/androidclient/datafeed/TBAv2.java method: "getDistrictList(String, String)" fix: diff --git a/data/thomas-s-b-visualee/misuses/29/misuse.yml b/data/thomas-s-b-visualee/misuses/29/misuse.yml index 9fea98ab0..9a8f51182 100644 --- a/data/thomas-s-b-visualee/misuses/29/misuse.yml +++ b/data/thomas-s-b-visualee/misuses/29/misuse.yml @@ -14,7 +14,7 @@ fix: commit: https://github.com/emopers/visualee/commit/58fbf0b8274fd6d46b6a76ae08457386d31a6206 revision: 58fbf0b8274fd6d46b6a76ae08457386d31a6206 internal: false -location: +locations: file: de/strullerbaumann/visualee/examiner/Examiner.java method: findAndSetPackage(JavaSource) report: https://github.com/Thomas-S-B/visualee/pull/3 diff --git a/data/thomas-s-b-visualee/misuses/30/misuse.yml b/data/thomas-s-b-visualee/misuses/30/misuse.yml index f191a9f42..38614bf11 100644 --- a/data/thomas-s-b-visualee/misuses/30/misuse.yml +++ b/data/thomas-s-b-visualee/misuses/30/misuse.yml @@ -14,7 +14,7 @@ fix: commit: https://github.com/emopers/visualee/commit/eff52eea696912fc0b106bfd5b78a0683d3dd3c0 revision: eff52eea696912fc0b106bfd5b78a0683d3dd3c0 internal: false -location: +locations: file: de/strullerbaumann/visualee/examiner/Examiner.java method: "jumpOverJavaToken(String, Scanner)" report: https://github.com/Thomas-S-B/visualee/pull/2 diff --git a/data/thomas-s-b-visualee/misuses/32/misuse.yml b/data/thomas-s-b-visualee/misuses/32/misuse.yml index d91a00cd1..c68c8ba7c 100644 --- a/data/thomas-s-b-visualee/misuses/32/misuse.yml +++ b/data/thomas-s-b-visualee/misuses/32/misuse.yml @@ -14,7 +14,7 @@ fix: commit: https://github.com/emopers/visualee/commit/cb7b08d182b463e78f85f7851cce64d6cf0e36b5 revision: cb7b08d182b463e78f85f7851cce64d6cf0e36b5 internal: false -location: +locations: file: de/strullerbaumann/visualee/examiner/Examiner.java method: scanAfterClosedParenthesis(String, Scanner) report: https://github.com/Thomas-S-B/visualee/pull/4 diff --git a/data/tucanmobile/misuses/1/misuse.yml b/data/tucanmobile/misuses/1/misuse.yml index 738258ea6..6c2470aca 100644 --- a/data/tucanmobile/misuses/1/misuse.yml +++ b/data/tucanmobile/misuses/1/misuse.yml @@ -6,7 +6,7 @@ violations: crash: true description: > Calls Dialog.dismiss() on dialog that is not showing. -location: +locations: file: com/dalthed/tucan/Connection/SimpleSecureBrowser.java method: onPostExecute(AnswerObject) fix: diff --git a/data/ushahidia/misuses/1/misuse.yml b/data/ushahidia/misuses/1/misuse.yml index a4e383944..b7b419f37 100644 --- a/data/ushahidia/misuses/1/misuse.yml +++ b/data/ushahidia/misuses/1/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > Fails to release Cursor. -location: +locations: file: com/ushahidi/android/app/database/OpenGeoSmsDao.java method: getReportState(long) fix: diff --git a/data/warwalk/misuses/1/misuse.yml b/data/warwalk/misuses/1/misuse.yml index 3b92ec02f..2b5824d16 100644 --- a/data/warwalk/misuses/1/misuse.yml +++ b/data/warwalk/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses DES which is considered unsafe. -location: +locations: file: net/blackhack/warwalk/DatabaseHandler.java method: "encryptDatabase()" internal: false diff --git a/data/webtend/misuses/1/misuse.yml b/data/webtend/misuses/1/misuse.yml index 2d3b828cb..7f495e6be 100644 --- a/data/webtend/misuses/1/misuse.yml +++ b/data/webtend/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses AES with default mode and padding which is considered a bad practice. -location: +locations: file: webtend/webtend/utils/Crypto.java method: "encryptAES(String, String)" internal: false diff --git a/data/webtend/misuses/2/misuse.yml b/data/webtend/misuses/2/misuse.yml index d986a3935..9dc4bb9dd 100644 --- a/data/webtend/misuses/2/misuse.yml +++ b/data/webtend/misuses/2/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses AES with default mode and padding which is considered a bad practice since the default values may vary between providers. -location: +locations: file: webtend/webtend/utils/Crypto.java method: "decryptAES(String, String)" internal: false diff --git a/data/wordpressa/misuses/1/misuse.yml b/data/wordpressa/misuses/1/misuse.yml index f0b395413..58aea2573 100644 --- a/data/wordpressa/misuses/1/misuse.yml +++ b/data/wordpressa/misuses/1/misuse.yml @@ -7,7 +7,7 @@ crash: true description: > Calls ListFragment.getListView() without checking that ListFragment.isAdded(), which might lead to crashes if the view is not yet initialized. -location: +locations: file: org/wordpress/android/ui/notifications/NotificationsListFragment.java method: restoreListScrollPosition() fix: diff --git a/data/wordpressa/misuses/3/misuse.yml b/data/wordpressa/misuses/3/misuse.yml index d40246b50..6cef01dda 100644 --- a/data/wordpressa/misuses/3/misuse.yml +++ b/data/wordpressa/misuses/3/misuse.yml @@ -5,7 +5,7 @@ violations: crash: true description: > The result of WPEditText.getText() may be null. -location: +locations: file: org/wordpress/android/ui/posts/EditPostContentFragment.java method: onClick(View) fix: diff --git a/data/yapps/misuses/1/misuse.yml b/data/yapps/misuses/1/misuse.yml index 3cc915aeb..c24f237db 100644 --- a/data/yapps/misuses/1/misuse.yml +++ b/data/yapps/misuses/1/misuse.yml @@ -4,7 +4,7 @@ violations: - missing/condition/value_or_state description: > Uses AES with default mode and padding which is considered a bad practice. -location: +locations: file: com/vouov/yapps/util/AESUtils.java method: "aes(int, String, byte[])" internal: false diff --git a/mubench.pipeline/data/finding.py b/mubench.pipeline/data/finding.py index 71a78e0b3..21df47b3c 100644 --- a/mubench.pipeline/data/finding.py +++ b/mubench.pipeline/data/finding.py @@ -9,9 +9,12 @@ def __init__(self, data: Dict[str, str]): super().__init__(data) def is_potential_hit(self, misuse: Misuse, source_base_paths: List[str], method_name_only: bool = False): - return self.__is_match_by_file(misuse.location.file) and \ - self.__is_match_by_method(misuse.location.method, method_name_only) and \ - self.__is_match_by_line(misuse, source_base_paths) + for file_match in [location for location in misuse.locations if self.__is_match_by_file(location.file)]: + if self.__is_match_by_method(file_match.method, method_name_only) and \ + self.__is_match_by_line(misuse.get_snippets(source_base_paths)): + return True + + return False def __is_match_by_file(self, misuse_file: str): finding_file = self.__file() @@ -41,11 +44,10 @@ def __is_match_by_method(self, misuse_method, method_name_only: bool = False): return misuse_method.startswith(finding_method) - def __is_match_by_line(self, misuse: Misuse, source_base_paths: List[str]): + def __is_match_by_line(self, snippets: List[Snippet]): if self.__startline() < 0: return True - snippets = misuse.get_snippets(source_base_paths) for snippet in snippets: snippet_last_line_number = snippet.first_line_number + snippet.code.count("\n") if snippet.first_line_number < self.__startline() < snippet_last_line_number: diff --git a/mubench.pipeline/data/misuse.py b/mubench.pipeline/data/misuse.py index 8a1102a92..69d1c75be 100644 --- a/mubench.pipeline/data/misuse.py +++ b/mubench.pipeline/data/misuse.py @@ -50,7 +50,7 @@ def __init__(self, base_path: str, project_id: str, version_id: str, misuse_id: self.path = join(self.__project.path, Project.MISUSES_DIR, misuse_id) self.misuse_file = join(self.path, Misuse.MISUSE_FILE) - self.__location = None + self.__locations = None self.__fix = None self._YAML = None @@ -69,7 +69,8 @@ def correct_usages(self) -> Set[CorrectUsage]: correct_usage_path = self.correct_usage_path if isdir(correct_usage_path): self._CORRECT_USAGES = set( - [CorrectUsage(correct_usage_path, y[len(correct_usage_path) + 1:]) for x in os.walk(correct_usage_path) for y in + [CorrectUsage(correct_usage_path, y[len(correct_usage_path) + 1:]) for x in + os.walk(correct_usage_path) for y in glob(os.path.join(x[0], '*.java'))]) else: self._CORRECT_USAGES = set() @@ -81,11 +82,15 @@ def correct_usage_path(self) -> str: return join(self.path, "correct-usages") @property - def location(self) -> Location: - if not self.__location: - location = self._yaml["location"] - self.__location = Location(location.get("file", ""), location.get("method", ""), location.get("line", -1)) - return self.__location + def locations(self) -> List[Location]: + if not self.__locations: + locations = self._yaml["locations"] + if isinstance(locations, list): + self.__locations = [Location(location.get("file", ""), location.get("method", ""), location.get("line", -1)) + for location in locations] + else: + self.__locations = [Location(locations.get("file", ""), locations.get("method", ""), locations.get("line", -1))] + return self.__locations @property def description(self) -> str: @@ -132,7 +137,10 @@ def violations(self): return self._violations def get_snippets(self, source_base_paths: List[str]) -> List[Snippet]: - return get_snippets(source_base_paths, self.location.file, self.location.method, self.location.line) + snippets = [] + for location in self.locations: + snippets.extend(get_snippets(source_base_paths, location.file, location.method, location.line)) + return snippets def get_misuse_compile(self, base_path: str) -> MisuseCompile: return MisuseCompile(join(base_path, self.project_id, "misuses", self.misuse_id), self.correct_usages) diff --git a/mubench.pipeline/tasks/implementations/compile_misuse.py b/mubench.pipeline/tasks/implementations/compile_misuse.py index bb5a96681..264bc4c80 100644 --- a/mubench.pipeline/tasks/implementations/compile_misuse.py +++ b/mubench.pipeline/tasks/implementations/compile_misuse.py @@ -68,17 +68,19 @@ def _compile_correct_usages(source: str, destination: str, classpath: str): @staticmethod def _copy_misuse_sources(sources_path, misuse, destination): - file = misuse.location.file - if exists(join(sources_path, file)): - dst = join(destination, file) - makedirs(dirname(dst), exist_ok=True) - shutil.copy(join(sources_path, file), dst) + for location in misuse.locations: + file = location.file + if exists(join(sources_path, file)): + dst = join(destination, file) + makedirs(dirname(dst), exist_ok=True) + shutil.copy(join(sources_path, file), dst) @staticmethod def _copy_misuse_classes(classes_path, misuse, destination): - basepath = join(classes_path, splitext(misuse.location.file)[0]) - classes = glob(basepath + ".class") + glob(basepath + "$*.class") - for class_ in classes: - dst = join(destination, relpath(class_, classes_path)) - makedirs(dirname(dst), exist_ok=True) - shutil.copy(class_, dst) + for location in misuse.locations: + basepath = join(classes_path, splitext(location.file)[0]) + classes = glob(basepath + ".class") + glob(basepath + "$*.class") + for class_ in classes: + dst = join(destination, relpath(class_, classes_path)) + makedirs(dirname(dst), exist_ok=True) + shutil.copy(class_, dst) diff --git a/mubench.pipeline/tasks/implementations/dataset_check_misuse.py b/mubench.pipeline/tasks/implementations/dataset_check_misuse.py index b4a390706..4b066ecf7 100644 --- a/mubench.pipeline/tasks/implementations/dataset_check_misuse.py +++ b/mubench.pipeline/tasks/implementations/dataset_check_misuse.py @@ -120,18 +120,18 @@ def _get_rel_misuse_file_path(self, misuse): return path.relpath(misuse.misuse_file, self.data_base_path) def _check_misuse_location_exists(self, version: ProjectVersion, misuse: Misuse): - if "location" in misuse._yaml: - location = misuse.location - if location.file and location.method: - checkout = version.get_checkout(self.checkout_base_path) - if not checkout or not checkout.exists(): - self.logger.debug( - 'Skipping location check for "{}": requires checkout of "{}".'.format( - misuse.id, version.id)) - else: - source_base_paths = [join(checkout.base_path, src_dir) for src_dir in version.source_dirs] - if not self._location_exists(source_base_paths, location.file, location.method): - self._report_cannot_find_location(str(location), self._get_rel_misuse_file_path(misuse)) + if "locations" in misuse._yaml: + for location in misuse.locations: + if location.file and location.method: + checkout = version.get_checkout(self.checkout_base_path) + if not checkout or not checkout.exists(): + self.logger.debug( + 'Skipping location check for "{}": requires checkout of "{}".'.format( + misuse.id, version.id)) + else: + source_base_paths = [join(checkout.base_path, src_dir) for src_dir in version.source_dirs] + if not self._location_exists(source_base_paths, location.file, location.method): + self._report_cannot_find_location(str(location), self._get_rel_misuse_file_path(misuse)) @staticmethod def _location_exists(source_base_paths, file_, method) -> bool: diff --git a/mubench.pipeline/tasks/implementations/publish_metadata.py b/mubench.pipeline/tasks/implementations/publish_metadata.py index 32dbbec31..f0414104f 100644 --- a/mubench.pipeline/tasks/implementations/publish_metadata.py +++ b/mubench.pipeline/tasks/implementations/publish_metadata.py @@ -44,7 +44,7 @@ def run(self, project: Project, misuse: Misuse): "project": project.id, "version": version.version_id, "misuse": misuse.misuse_id, - "location": misuse.location.__dict__, + "locations": [location.__dict__ for location in misuse.locations], "description": misuse.description, "violations": misuse.violations, "fix": { diff --git a/mubench.pipeline/tests/data/test_finding.py b/mubench.pipeline/tests/data/test_finding.py index 962710fac..c89833745 100644 --- a/mubench.pipeline/tests/data/test_finding.py +++ b/mubench.pipeline/tests/data/test_finding.py @@ -4,6 +4,7 @@ from nose.tools import assert_equals, assert_raises from data.finding import Finding +from data.misuse import Location from data.snippets import Snippet, SnippetUnavailableException from tests.test_utils.data_util import create_misuse from utils.shell import CommandFailedError @@ -12,67 +13,71 @@ class TestPotentialHit: # noinspection PyAttributeOutsideInit def setup(self): - self.misuse = create_misuse('misuse', meta={"location": {"file": "a", "method": "m()"}}) + self.misuse = create_misuse('misuse', meta={"locations": {"file": "a", "method": "m()"}}) self.snippets = [] self.misuse.get_snippets = lambda *_: self.snippets def test_matches_on_file(self): - self.misuse.location.file = "some-class.java" + self.misuse.locations[0].file = "some-class.java" self.assert_potential_hit({"file": "some-class.java"}) def test_matches_on_file_absolute(self): - self.misuse.location.file = "java/main/some-class.java" + self.misuse.locations[0].file = "java/main/some-class.java" self.assert_potential_hit({"file": "/some/prefix/java/main/some-class.java"}) def test_matches_on_class(self): - self.misuse.location.file = "some-class.java" + self.misuse.locations[0].file = "some-class.java" self.assert_potential_hit({"file": "some-class.class"}) def test_matches_on_inner_class(self): - self.misuse.location.file = "some-class.java" + self.misuse.locations[0].file = "some-class.java" self.assert_potential_hit({"file": "some-class$inner-class.class"}) def test_differs_on_method(self): - self.misuse.location.method = "method()" + self.misuse.locations[0].method = "method()" self.assert_no_potential_hit({"method": "other_method()"}) def test_differs_on_method_2(self): - self.misuse.location.method = "a_method()" + self.misuse.locations[0].method = "a_method()" self.assert_no_potential_hit({"method": "method()"}) def test_matches_on_method_name(self): - self.misuse.location.method = "method(A, B)" + self.misuse.locations[0].method = "method(A, B)" self.assert_potential_hit({"method": "method"}) def test_differs_on_method_name_prefix(self): - self.misuse.location.method = "appendX" + self.misuse.locations[0].method = "appendX" self.assert_no_potential_hit({"method": "append"}) def test_matches_on_method_signature(self): - self.misuse.location.method = "method(A, B)" + self.misuse.locations[0].method = "method(A, B)" self.assert_potential_hit({"method": "method(A, B)"}) def test_matches_on_method_name_only(self): - self.misuse.location.method = "method(A)" + self.misuse.locations[0].method = "method(A)" self.assert_potential_hit({"method": "method(p.A)"}, True) def test_does_not_match_on_line_without_startline(self): - self.misuse.location.method = "method(A)" - self.misuse.location.line = 42 + self.misuse.locations[0].method = "method(A)" + self.misuse.locations[0].line = 42 self.assert_potential_hit({"method": "method(A)"}) def test_matches_on_line(self): - self.misuse.location.method = "method(A)" - self.misuse.location.line = 40 - self.snippets = [Snippet("{\n-some-\n-code-\n}", self.misuse.location.line)] + self.misuse.locations[0].method = "method(A)" + self.misuse.locations[0].line = 40 + self.snippets = [Snippet("{\n-some-\n-code-\n}", self.misuse.locations[0].line)] self.assert_potential_hit({"method": "method(A)", "startline": 41}) def test_no_line_match(self): - self.misuse.location.method = "method(A)" - self.misuse.location.line = 40 - self.snippets = [Snippet("{\n-some-\n-code-\n}", self.misuse.location.line)] + self.misuse.locations[0].method = "method(A)" + self.misuse.locations[0].line = 40 + self.snippets = [Snippet("{\n-some-\n-code-\n}", self.misuse.locations[0].line)] self.assert_no_potential_hit({"method": "method(A)", "startline": 1337}) + def test_only_matches_from_the_same_location(self): + self.misuse._misuse__locations = [Location("b", "method(A)", -1), Location("a", "someMethod(B)", -1)] + self.assert_no_potential_hit({"file": "a", "method": "method(A)"}) + def assert_potential_hit(self, finding_data: Dict[str, str], method_name_only: bool=False): finding = self.create_finding(finding_data) assert finding.is_potential_hit(self.misuse, [], method_name_only) @@ -83,9 +88,9 @@ def assert_no_potential_hit(self, finding_data: Dict[str, str]): def create_finding(self, finding_data: Dict[str, str]): if "file" not in finding_data: - finding_data["file"] = self.misuse.location.file + finding_data["file"] = self.misuse.locations[0].file if "method" not in finding_data: - finding_data["method"] = self.misuse.location.method + finding_data["method"] = self.misuse.locations[0].method return Finding(finding_data) diff --git a/mubench.pipeline/tests/data/test_misuse.py b/mubench.pipeline/tests/data/test_misuse.py index 661961f34..74a21001f 100644 --- a/mubench.pipeline/tests/data/test_misuse.py +++ b/mubench.pipeline/tests/data/test_misuse.py @@ -42,9 +42,13 @@ def test_finds_correct_usage_in_package(self): correct_usage = self.create_correct_usage_file(self.uut, join("mypackage", "Pattern.java")) assert_equals(self.uut.correct_usages, {correct_usage}) - def test_reads_location(self): - uut = create_misuse('', meta={"location": {"file": "file.name", "method": "foo()", "line": 42}}) - assert_equals(Location("file.name", "foo()", 42), uut.location) + def test_reads_locations(self): + uut = create_misuse('', meta={"locations": [{"file": "file.name", "method": "foo()", "line": 42}, {"file": "file.name2", "method": "bar()", "line": 1337}]}) + assert_equals([Location("file.name", "foo()", 42), Location("file.name2", "bar()", 1337)], uut.locations) + + def test_reads_single_location(self): + uut = create_misuse('', meta={"locations": {"file": "file.name", "method": "foo()", "line": 42}}) + assert_equals([Location("file.name", "foo()", 42)], uut.locations) def test_reads_description(self): misuse = create_misuse("", meta={"description": "bla bla bla"}) diff --git a/mubench.pipeline/tests/tasks/implementations/test_compile_misuse.py b/mubench.pipeline/tests/tasks/implementations/test_compile_misuse.py index be1a0dbc5..63b085cc8 100644 --- a/mubench.pipeline/tests/tasks/implementations/test_compile_misuse.py +++ b/mubench.pipeline/tests/tasks/implementations/test_compile_misuse.py @@ -28,7 +28,7 @@ def setup(self): self.compile = self.version.get_compile(self.compile_base_path) self.compile.get_full_classpath = lambda: join(self.temp_dir, "dependencies.jar") - create_file(join(self.compile.original_sources_paths[0], self.misuse.location.file)) + create_file(join(self.compile.original_sources_paths[0], self.misuse.locations[0].file)) self.misuse_compile = self.misuse.get_misuse_compile(self.compile_base_path) self.misuse.get_misuse_compile = lambda *_: self.misuse_compile @@ -89,7 +89,7 @@ def test_copies_misuse_sources(self): uut = CompileMisuseTask(self.compile_base_path, 0, force_compile=False) create_file(join(self.compile.original_sources_paths[0], "mu.file")) - misuse = create_misuse("1", meta={"location": {"file": "mu.file"}}, project=self.project, version=self.version) + misuse = create_misuse("1", meta={"locations": {"file": "mu.file"}}, project=self.project, version=self.version) correct_usage_compile = uut.run(misuse, self.compile) @@ -100,7 +100,7 @@ def test_copies_misuse_classes(self): create_file(join(self.compile.original_sources_paths[0], "mu.java")) create_file(join(self.compile.original_classes_paths[0], "mu.class")) - misuse = create_misuse("1", meta={"location": {"file": "mu.java"}}, project=self.project, version=self.version) + misuse = create_misuse("1", meta={"locations": {"file": "mu.java"}}, project=self.project, version=self.version) correct_usage_compile = uut.run(misuse, self.compile) @@ -109,7 +109,7 @@ def test_copies_misuse_classes(self): def test_copies_misuse_inner_classes(self): uut = CompileMisuseTask(self.compile_base_path, 0, force_compile=False) - misuse = create_misuse("1", meta={"location": {"file": "mu.java"}}, project=self.project, version=self.version) + misuse = create_misuse("1", meta={"locations": {"file": "mu.java"}}, project=self.project, version=self.version) create_file(join(self.compile.original_sources_paths[0], "mu.java")) create_file(join(self.compile.original_classes_paths[0], "mu.class")) create_file(join(self.compile.original_classes_paths[0], "mu$1.class")) diff --git a/mubench.pipeline/tests/tasks/implementations/test_publish_metadata_task.py b/mubench.pipeline/tests/tasks/implementations/test_publish_metadata_task.py index f76f38e4d..9ac7491ed 100644 --- a/mubench.pipeline/tests/tasks/implementations/test_publish_metadata_task.py +++ b/mubench.pipeline/tests/tasks/implementations/test_publish_metadata_task.py @@ -60,10 +60,12 @@ def test_publishes_metadata(self, post_mock, snippets_mock): "-violation-1-", "-violation-2-" ], - "location": { - "file": "/some/file.java", - "method": "-some.method()-" - } + "locations": [ + { + "file": "/some/file.java", + "method": "-some.method()-" + } + ] }, project=self.project, version=self.version) snippets_mock.return_value = [Snippet("-code-", 42)] @@ -84,11 +86,13 @@ def test_publishes_metadata(self, post_mock, snippets_mock): "-violation-1-", "-violation-2-" ], - "location": { - "file": "/some/file.java", - "method": "-some.method()-", - "line": -1 - }, + "locations": [ + { + "file": "/some/file.java", + "method": "-some.method()-", + "line": -1 + } + ], "target_snippets": [{"first_line_number": 42, "code": "-code-"}], "correct_usages": [] }]) diff --git a/mubench.pipeline/tests/test_utils/data_util.py b/mubench.pipeline/tests/test_utils/data_util.py index d79caca27..49dfdd811 100644 --- a/mubench.pipeline/tests/test_utils/data_util.py +++ b/mubench.pipeline/tests/test_utils/data_util.py @@ -31,7 +31,7 @@ def create_misuse(misuse_id: str, meta: Dict[str, Any] = None, project: Project version = create_version("-version-", misuses=[]) misuse = Misuse(project._base_path, project.id, version.version_id, misuse_id) misuse._Misuse__project = project - misuse._YAML = {"location": {"file": "-dummy-/-file-", "method": "-method-()"}} + misuse._YAML = {"locations": {"file": "-dummy-/-file-", "method": "-method-()"}} misuse._CORRECT_USAGES = correct_usages if correct_usages else [] if meta: misuse._YAML.update(meta)