Resolve #376: Support multiple locations for misuses

data/aclang/misuses/1/misuse.yml

@@ -5,7 +5,7 @@ violations:
 crash: true
 description: >
   StrBuilder.getNullText() may return null.
-location:
+locations:
   file: org/apache/commons/lang/text/StrBuilder.java
   method: "appendFixedWidthPadLeft(Object, int, char)"
 fix:

data/aclang/misuses/2/misuse.yml

@@ -5,7 +5,7 @@ violations:
 crash: true
 description: >
   StrBuilder.getNullText() may return null.
-location:
+locations:
   file: org/apache/commons/lang/text/StrBuilder.java
   method: "appendFixedWidthPadRight(Object, int, char)"
 fix:

data/acmath/misuses/1/misuse.yml

@@ -5,7 +5,7 @@ violations:
 crash: true
 description: >
   SubLine.intersection() may return null.
-location:
+locations:
   file: org/apache/commons/math3/geometry/euclidean/threed/SubLine.java
   method: "intersection(SubLine, boolean)"
 fix:

data/acmath/misuses/2/misuse.yml

@@ -5,7 +5,7 @@ violations:
 crash: true
 description: >
   SubLine.intersection() may return null.
-location:
+locations:
   file: org/apache/commons/math3/geometry/euclidean/twod/SubLine.java
   method: "intersection(SubLine, boolean)"
 fix:

data/adempiere/misuses/1/misuse.yml

@@ -7,7 +7,7 @@ crash: false
 description: >
   A string is converted to bytes without specifying an explicit encoding.
   The bytes are then passed to Cipher.doFinal(). The fix specifies the encoding "UTF-8".
-location:
+locations:
   file: org/compiere/util/Secure.java
   method: encrypt(String)
 fix:

data/adempiere/misuses/2/misuse.yml

@@ -7,7 +7,7 @@ crash: false
 description: >
   An encrypted message is decrypted and then converted back to a string, without
   specifying an explicit encoding. The fix specifies the encoding "UTF-8".
-location:
+locations:
   file: org/compiere/util/Secure.java
   method: decrypt(String)
 fix:

data/alfresco-android-app/misuses/1/misuse.yml

@@ -4,7 +4,7 @@ violations:
 - missing/condition/value_or_state
 description: >
   Uses PBEWithMD5AndDES which is considered unsafe.
-location:
+locations:
   file: main/java/org/alfresco/mobile/android/platform/security/EncryptionUtils.java
   method: "generateKey(Context, int)"
 internal: true

data/alibaba-druid/misuses/1/misuse.yml

@@ -6,7 +6,7 @@ crash: true
 description: >
   An instance of Cipher is used twice (the init() method is called again),
   which is an invalid operation.
-location:
+locations:
   file: com/alibaba/druid/filter/config/ConfigTools.java
   method: "decrypt(PublicKey, String)"
 fix:

data/alibaba-druid/misuses/2/misuse.yml

@@ -5,7 +5,7 @@ violations:
 crash: true
 description: >
   A call to Cipher.init() may throw an InvalidKeyException.
-location:
+locations:
   file: com/alibaba/druid/filter/config/ConfigTools.java
   method: "encrypt(byte[], String)"
 fix:

data/android-rcs-rcsjta/misuses/1/misuse.yml

@@ -7,7 +7,7 @@ violations:
 crash: false
 description: >
   Exports bytes for Mac.doFinal() without specifying the encoding.
-location:
+locations:
   file: com/orangelabs/rcs/core/ims/service/im/chat/ContributionIdGenerator.java
   method: getContributionId(String)
 fix:

data/androiduil/misuses/1/misuse.yml

@@ -5,7 +5,7 @@ violations:
 crash: true
 description: >
   Environment.getExternalStorageState() may throw NullPointerException.
-location:
+locations:
   file: com/nostra13/universalimageloader/utils/StorageUtils.java
   method: "getCacheDirectory(Context, boolean)"
 fix:

data/apache-gora/misuses/56_1/misuse.yml

@@ -11,7 +11,7 @@ fix:
   commit: https://github.com/apache/gora/commit/4f98503c014c359b6ab018f43920d454b0344160
   revision: 4f98503c014c359b6ab018f43920d454b0344160
 internal: false
-location:
+locations:
   file: org/apache/gora/accumulo/store/PartitionTest.java
   method: encl(long)
 report: https://github.com/apache/gora/pull/55

data/apache-gora/misuses/56_2/misuse.yml

@@ -11,7 +11,7 @@ fix:
   commit: https://github.com/apache/gora/commit/4f98503c014c359b6ab018f43920d454b0344160
   revision: 4f98503c014c359b6ab018f43920d454b0344160
 internal: false
-location:
+locations:
   file: org/apache/gora/util/TestWritableUtils.java
   method: testWritesReads()
 report: https://github.com/apache/gora/pull/55

data/apdplat/misuses/1/misuse.yml

@@ -4,7 +4,7 @@ violations:
 - missing/condition/value_or_state
 description: >
   Uses DES which is unsafe.
-location:
+locations:
   file: org/apdplat/module/security/service/sequence/EncryptClassUtils.java
   method: "encrypt(String keyFile, String classFile, String newClassFile)"
 internal: false

data/argouml/misuses/tikanga11-1/misuse.yml

@@ -7,7 +7,7 @@ crash: true
 description: >
   If the zargo file to be loaded contains no `.argo` file, this method will
   throw an exception at line 261.
-location:
+locations:
   file: org/argouml/persistence/ZargoFilePersister.java
   method: "loadFromZargo(File, ProgressMgr)"
 internal: true

data/argouml/misuses/tikanga11-2/misuse.yml

@@ -6,7 +6,7 @@ violations:
 crash: false
 description: >
   This method doesn't do what it should. Its last reference to `i2` should change to a reference to `i1`.
-location:
+locations:
   file: org/argouml/uml/util/PathComparator.java
   method: "comparePaths(Object, Object)"
 internal: false

data/argouml/misuses/tikanga11-3/misuse.yml

@@ -7,7 +7,7 @@ crash: true
 description: >
   If the zargo file to be loaded contains no `.argo` file, this method will
   throw an exception at line 218.
-location:
+locations:
   file: org/argouml/persistence/ZargoFilePersister.java
   method: "doLoad(File)"
 internal: false

data/argouml/misuses/tikanga11-4/misuse.yml

@@ -7,7 +7,7 @@ crash: true
 description: >
   If the zargo file to be loaded contains no `.xmi` file, this method will
   throw an exception at line 274.
-location:
+locations:
   file: org/argouml/persistence/ZargoFilePersister.java
   method: "loadFromZargo(File, ProgressMgr)"
 internal: true

data/aspectj/misuses/1/misuse.yml

@@ -5,7 +5,7 @@ violations:
 crash: false
 description: >
   Iterator.next() is not preceded by a Iterator.hasNext()
-location:
+locations:
   file: org/aspectj/weaver/patterns/PointcutRewriter.java
   method: "simplifyAnd(AndPointcut apc)"
 fix:

data/aspectj/misuses/2/misuse.yml

@@ -5,7 +5,7 @@ violations:
 crash: false
 description: >
 The last for loop in the method checks iter.hasNext(), but increases iter2.next()
-location:
+locations:
   file: org/aspectj/weaver/bcel/BcelClassWeaver.java
   method: "weaveAtFieldRepeatedly(List decaFs, List itdFields,List reportedErrors)"
 fix:

data/aspectj/misuses/3/misuse.yml

@@ -8,7 +8,7 @@ The last for loop in
 the method checks
 iter.hasNext(), but
 increases iter2.next()
-location:
+locations:
   file: org/aspectj/weaver/bcel/BcelClassWeaver.java
   method: "weaveAtMethodOnITDSRepeatedly(List decaMCs, List itdMethodsCtors,List reportedErrors)"
 fix:

data/aspectj/misuses/4/misuse.yml

@@ -6,7 +6,7 @@ crash: true
 description: >
   The verifyNoInheritedAlternateParameterization method in org.aspectj.weaver.patterns.DeclareParents class
   only checks one superclass of any given class instead of checking all of them.
-location:
+locations:
   file: org/aspectj/weaver/patterns/DeclareParents.java
   method: "verifyNoInheritedAlternateParameterization(ResolvedType typeToVerify,ResolvedType newParent,World world)"
 fix:

data/asterisk-java/misuses/194/misuse.yml

@@ -11,7 +11,7 @@ fix:
   commit: https://github.com/emopers/asterisk-java/commit/41461b41309bf9f027a46f178cb777a1a94b8c3f
   revision: 41461b41309bf9f027a46f178cb777a1a94b8c3f
 internal: false
-location:
+locations:
   file: org/asteriskjava/manager/event/RtcpReceivedEvent.java
   method: setPt(String)
 report: https://github.com/asterisk-java/asterisk-java/pull/132

data/asterisk-java/misuses/81/misuse.yml

@@ -10,7 +10,7 @@ fix:
   commit: https://github.com/emopers/asterisk-java/commit/304421c261da68df03ad2fb96683241c8df12c0a
   revision: 304421c261da68df03ad2fb96683241c8df12c0a
 internal: false
-location:
+locations:
   file: org/asteriskjava/manager/event/AsyncAgiEvent.java
   method: decode(String)
 report: https://github.com/asterisk-java/asterisk-java/pull/85

data/asterisk-java/misuses/dmmc-8/misuse.yml

@@ -8,7 +8,7 @@ description: |
   In line 323 the `value` is cast to `List` and its `i`s element is accessed
   without prior check that such an element exists.
 internal: false
-location:
+locations:
   file: org/asteriskjava/manager/internal/EventBuilderImpl.java
   method: buildEvent(Object, Map)
   line: 323

data/asterisk-java/misuses/dmmc-9/misuse.yml

@@ -9,7 +9,7 @@ description: |
   without prior check that there is such an element. In fact, the check in
   line 403 suggests that `getChildEvents()` might even return `null`.
 internal: false
-location:
+locations:
   file: org/asteriskjava/manager/internal/EventBuilderImpl.java
   method: buildEvent(Object, Map)
   line: 410

data/battleforge/misuses/1/misuse.yml

@@ -7,7 +7,7 @@ crash: false
 description: >
   Encoded data is converted into a String for storing, without explicitely
   specifying an encoding. The fix introduces base64 encoding.
-location:
+locations:
   file: de/battleforge/util/BFProperties.java
   method: "setProperty(BFProps, String, boolean)"
 fix:

data/battleforge/misuses/2/misuse.yml

@@ -6,7 +6,7 @@ violations:
 crash: false
 description: >
   Text is converted to bytes for encoding without an explicit encoding.
-location:
+locations:
   file: de/battleforge/util/BFProperties.java
   method: "setProperty(BFProps, String, boolean)"
 internal: false

data/battleforge/misuses/3/misuse.yml

@@ -7,7 +7,7 @@ crash: false
 description: >
   Encoded data is retrieved from a string (from storage) without explicitely
   specifying an encoding. The fix introduces base64 decoding.
-location:
+locations:
   file: de/battleforge/util/BFProperties.java
   method: getProperty(BFProps)
 fix:

data/battleforge/misuses/4/misuse.yml

@@ -6,7 +6,7 @@ violations:
 crash: false
 description: >
   Decoded data is converted to String without explicitly specifying an encoding.
-location:
+locations:
   file: de/battleforge/util/BFProperties.java
   method: getProperty(BFProps)
 internal: false

data/bcel/misuses/101/misuse.yml

@@ -10,7 +10,7 @@ fix:
   commit: https://github.com/apache/commons-bcel/commit/6296aa33e01e33c81811f0853251c539cdbd61ad
   revision: 6296aa33e01e33c81811f0853251c539cdbd61ad
 internal: false
-location:
+locations:
   file: org/apache/commons/bcel6/generic/InstructionList.java
   method: getByteCode()
 report: https://github.com/apache/commons-bcel/pull/3

data/calligraphy/misuses/1/misuse.yml

@@ -6,7 +6,7 @@ violations:
 crash: true
 description: >
   Context.obtainStyledAttributes().getString() may throw on some platforms.
-location:
+locations:
   file: uk/co/chrisjenx/calligraphy/CalligraphyUtils.java
   method: "pullFontPathFromStyle(Context, AttributeSet, int)"
 fix:

data/calligraphy/misuses/2/misuse.yml

@@ -6,7 +6,7 @@ violations:
 crash: true
 description: >
   Theme.obtainStyledAttributes().getString() may throw on some platforms.
-location:
+locations:
   file: uk/co/chrisjenx/calligraphy/CalligraphyUtils.java
   method: "pullFontPathFromTheme(Context, int, int)"
 fix:

data/cgeo/misuses/1/misuse.yml

@@ -6,7 +6,7 @@ crash: true
 description: >
   Passes invalid mime-type to Intent.setDataAndType().
   http://stackoverflow.com/questions/6573541/no-intent-to-view-jpg-on-honeycomb
-location:
+locations:
   file: cgeo/geocaching/cgeoimages.java
   method: viewImageInStandardApp(BitmapDrawable)
 fix:

data/chensun/misuses/1/misuse.yml

@@ -4,7 +4,7 @@ violations:
 - missing/condition/value_or_state
 description: >
   Uses DES which is considered unsafe.
-location:
+locations:
   file: server/generateChecksumPostsAndReplies.java
   method: "main(String[])"
 internal: true

data/chensun/misuses/2/misuse.yml

@@ -4,7 +4,7 @@ violations:
 - missing/condition/value_or_state
 description: >
   Uses a non-random key in CBC mode.
-location:
+locations:
   file: server/generateChecksumPostsAndReplies.java
   method: "main(String[])"
 internal: true

data/chensun/misuses/grouminer-3/misuse.yml

@@ -7,7 +7,7 @@ description: |
   The `ResultSet` fetched in line 644 is never closed.
   (This is the same findings as `jadet-4` and `mudetect-19`)
 internal: false
-location:
+locations:
   file: database/SocialNetworkDatabasePosts.java
   method: getPost(Connection, String, String, String, int)
   line: 644

data/chensun/misuses/grouminer-3a/misuse.yml

@@ -7,7 +7,7 @@ description: |
   The `ResultSet` fetched in line 662 is never closed.
   (This is the same findings as `jadet-4`)
 internal: false
-location:
+locations:
   file: database/SocialNetworkDatabasePosts.java
   method: getPost(Connection, String, String, String, int)
   line: 662

data/chensun/misuses/grouminer-9/misuse.yml

@@ -7,7 +7,7 @@ description: |
   The `PreparedStatement` opened in line 702 is never closed.
   (Same findings as `mudetect-17`)
 internal: false
-location:
+locations:
   file: database/SocialNetworkDatabasePosts.java
   method: addFFAParticipipant(Connection, int, String, String)
   line: 702

data/chensun/misuses/jadet-1/misuse.yml

@@ -7,7 +7,7 @@ description: |
   The `PreparedStatement` opened in line 635 is never closed.
   (Same finding as `mudetect-19` and `mudetectxp-7`)
 internal: false
-location:
+locations:
   file: database/SocialNetworkDatabasePosts.java
   method: getPost(Connection, String, String, String, int)
   line: 635

data/chensun/misuses/jadet-1a/misuse.yml

@@ -7,7 +7,7 @@ description: |
   The `PreparedStatement` opened in line 636 is never closed.
   (Same finding as `mudetect-18` and `mudetectxp-8`)
 internal: false
-location:
+locations:
   file: database/SocialNetworkDatabasePosts.java
   method: getPost(Connection, String, String, String, int)
   line: 636

data/chensun/misuses/jadet-2/misuse.yml

@@ -6,7 +6,7 @@ crash: false
 description: |
   The `ResultSet` fetched in line 375 is not closed in case of an exception.
 internal: false
-location:
+locations:
   file: database/SocialNetworkDatabaseBoards.java
   method: getBoardList(Connection, String)
   line: 375

data/chensun/misuses/jadet-2a/misuse.yml

@@ -7,7 +7,7 @@ description: |
   The `ResultSet` fetched in line 350 is not closed in case of an exception.
   (This is the same findings as `mudetect-11`)
 internal: false
-location:
+locations:
   file: database/SocialNetworkDatabaseBoards.java
   method: getBoardList(Connection, String)
   line: 350

data/chensun/misuses/jadet-5/misuse.yml

@@ -7,7 +7,7 @@ description: |
   The `ResultSet` fetched in line 290 is not closed in case of an exception.
   (Same finding as `mudetectxp-13`)
 internal: false
-location:
+locations:
   file: database/SocialNetworkDatabaseBoards.java
   method: authorizedGoToBoard(Connection, String, String)
   line: 290