Last Msg First Msg
























method void org.apache.roller.weblogger.util.Utilities()










method org.apache.roller.weblogger.util.Utilities__ static_init
postinit'ed(BR_TAG_PATTERN)
postinit'ed(CLOSING_A_TAG_PATTERN)
postinit'ed(CLOSING_BLOCKQUOTE_TAG_PATTERN)
postinit'ed(CLOSING_B_TAG_PATTERN)
postinit'ed(CLOSING_I_TAG_PATTERN)
postinit'ed(CLOSING_LI_TAG_PATTERN)
postinit'ed(CLOSING_OL_TAG_PATTERN)
postinit'ed(CLOSING_PRE_TAG_PATTERN)
postinit'ed(CLOSING_P_TAG_PATTERN)
postinit'ed(CLOSING_UL_TAG_PATTERN)
postinit'ed(OPENING_A_TAG_PATTERN)
postinit'ed(OPENING_BLOCKQUOTE_TAG_PATTERN)
postinit'ed(OPENING_B_TAG_PATTERN)
postinit'ed(OPENING_I_TAG_PATTERN)
postinit'ed(OPENING_LI_TAG_PATTERN)
postinit'ed(OPENING_OL_TAG_PATTERN)
postinit'ed(OPENING_PRE_TAG_PATTERN)
postinit'ed(OPENING_P_TAG_PATTERN)
postinit'ed(OPENING_UL_TAG_PATTERN)
postinit'ed(QUOTE_PATTERN)
postinit'ed(mLinkPattern)
postinit'ed(mLogger)









  infomethod not available-- call on Log org.apache.commons.logging. LogFactory:getLog(Class)











method String stripJsessionId(String)
preurl != null
postinit'ed(java.lang.String:substring(...)._tainted)
postinit'ed(java.lang.StringBuilder:toString(...)._ tainted)
postreturn_value == One-of{url, &java.lang. String:substring(...), &java.lang. StringBuilder:toString(...)}
postreturn_value != null
test_vectorjava.lang.String:indexOf(...)@89: {-1}, {-231..-2, 0..232-1}
test_vectorjava.lang.String:indexOf(...)@91: {-231.. -2, 0..232-1}, {-1}










method String escapeHTML(String)
postinit'ed(return_value)
unanalyzedcall on org.apache.commons.lang.StringUtils:replace










method String escapeHTML(String, bool)
postinit'ed(return_value)
test_vectorescapeAmpersand: {0}, {1}









  infomethod not available-- call on String org.apache.commons.lang. StringUtils:replace(String, String, String)










  infomethod not available-- call on String org.apache.commons.lang. StringUtils:replace(String, String, String)










  infomethod not available-- call on String org.apache.commons.lang. StringUtils:replace(String, String, String)










  infomethod not available-- call on String org.apache.commons.lang. StringUtils:replace(String, String, String)










  infomethod not available-- call on String org.apache.commons.lang. StringUtils:replace(String, String, String)











method String unescapeHTML(String)
postinit'ed(return_value)









  infomethod not available-- call on String org.apache.commons.lang. StringEscapeUtils:unescapeHtml(String)











method String removeHTML(String)
postreturn_value != null
unanalyzedcall on java.lang.String:indexOf
unanalyzedcall on java.lang.String:substring
unanalyzedcall on java.lang.String:length
unanalyzedcall on java.lang.String:trim










method String removeHTML(String, bool)
presumptionjava.lang.String:indexOf(...)@168 <= 232-2
postreturn_value != null
test_vectoraddSpace: {0}, {1}
test_vectorstr: Inverse{null}, Addr_Set{null}
test_vectorjava.lang.String:indexOf(...)@156: {-231. .-2, 0..232-1}, {-1}
test_vectorjava.lang.String:indexOf(...)@168: {-231. .-1}, {0..232-2}










method String removeAndEscapeHTML(String)
postinit'ed(return_value)
unanalyzedcall on java.lang.String:indexOf
unanalyzedcall on java.lang.String:substring
unanalyzedcall on java.lang.String:length
unanalyzedcall on org.apache.commons.lang.StringUtils:replace
unanalyzedcall on java.lang.String:trim
test_vectors: Inverse{null}, Addr_Set{null}










method String autoformat(String)
postinit'ed(return_value)









  infomethod not available-- call on String org.apache.commons.lang. StringUtils:replace(String, String, String)











method String addNofollow(String)
pre(soft) mLinkPattern != null
presumptionjava.util.regex.Pattern:matcher(...)@215 != null
postinit'ed(java.lang.StringBuffer:toString(...)._ tainted)
postreturn_value == One-of{html, &java.lang. StringBuffer:toString(...)}
postinit'ed(return_value)
test_vectorhtml: Addr_Set{null}, Inverse{null}
test_vectorjava.lang.String:indexOf(...)@222: {-231. .-2, 0..232-1}, {-1}
test_vectorjava.lang.String:length(...)@212: {1.. 232-1}, {0}
test_vectorjava.util.regex.Matcher:find(...)@217: {0}, {1}










method String replaceNonAlphanumeric(String)
prestr != null
postjava.lang.StringBuffer:toString(...)._tainted == 0
postreturn_value == &java.lang.StringBuffer:toStrin g(...)
unanalyzedcall on java.lang.String:length
unanalyzedcall on java.lang.String:toCharArray
unanalyzedcall on java.lang.Character:isLetterOrDigit










method String replaceNonAlphanumeric(String, char)
prestr != null
presumptiontestChars.length@251 <= 232-1
postjava.lang.StringBuffer:toString(...)._tainted == 0
postreturn_value == &java.lang.StringBuffer:toStrin g(...)
test_vectorjava.lang.Character:isLetterOrDigit(...)@253: {0}, {1}









Prev Msg Next Msg
+
low
use of default initcheck might fail: requires init'ed(testChars[i])
Prev Msg Next Msg










Prev Msg Next Msg
+
low
use of default initcheck might fail: requires init'ed(testChars[i])
Prev Msg Next Msg











method String removeNonAlphanumeric(String)
prestr != null
presumptiontestChars.length@268 <= 232-1
postjava.lang.StringBuffer:toString(...)._tainted == 0
postreturn_value == &java.lang.StringBuffer:toStrin g(...)









Prev Msg Next Msg
+
low
use of default initcheck might fail: requires init'ed(testChars[i])
Prev Msg Next Msg










Prev Msg Next Msg
+
low
use of default initcheck might fail: requires init'ed(testChars[i])
Prev Msg Next Msg











method String stringArrayToString(String[], String)
prestringArray != null
prestringArray.length <= 232-1
pre(soft) init'ed(stringArray[...])
postinit'ed(java.lang.StringBuilder:toString(...)._ tainted)
postinit'ed(return_value)
test_vectorjava.lang.String:length(...)@288: {0}, {1..232-1}









Prev Msg Next Msg
+
medium
null dereferencecheck might fail: requires ret != null
Prev Msg Next Msg











method String[] stringToStringArray(String, String)
presumptionjava.util.StringTokenizer:countTokens(...)@301 >= 1
postinit'ed(java.util.StringTokenizer:nextToken(...)._ tainted)
postreturn_value == &new String[](stringToStringArr ay#2)
postnew String[](stringToStringArray#2) num objects == 1
post(soft) return_value.length in 1..232-1
postreturn_value[...] == &java.util. StringTokenizer:nextToken(...)
test_vectorjava.util.StringTokenizer:hasMoreTokens(...)@304: {0}, {1}









Prev Msg Next Msg
+
medium
array index out of boundscheck might fail: requires i < stringArray.length
+
low
overflowcheck might fail: requires i in -231-1.. 232-2
Prev Msg Next Msg











method int[] stringToIntArray(String, String)
presumptionjava.util.StringTokenizer:countTokens(...)@315 >= 1
postreturn_value == &new int[](stringToIntArray#2)
postnew int[](stringToIntArray#2) num objects == 1
post(soft) return_value.length in 1..232-1
postinit'ed(return_value[...])
test_vectorjava.util.StringTokenizer:hasMoreTokens(...)@318: {0}, {1}









Prev Msg Next Msg
+
medium
array index out of boundscheck might fail: requires i < intArray.length
+
low
overflowcheck might fail: requires i in -231-1.. 232-2
Prev Msg Next Msg











method String intArrayToString(int[])
preintArray != null
preintArray.length <= 232-1
pre(soft) init'ed(intArray[...])
postjava.lang.Integer:toString(...)._tainted == 0
postjava.lang.StringBuilder:toString(...)._tainted == 0
postreturn_value in Addr_Set{&"",&java.lang. StringBuilder:toString(...),&java.lang. Integer:toString(...)}
test_vectorjava.lang.String:length(...)@331: {0}, {1..232-1}










method void copyFile(File, File)
prefrom != null
unanalyzedcall on java.io.BufferedInputStream
unanalyzedcall on java.io.BufferedOutputStream
unanalyzedcall on java.io.BufferedInputStream:read
unanalyzedcall on java.io.BufferedOutputStream:write
unanalyzedcall on java.lang.Throwable:__curr_excep_obj
unanalyzedcall on java.io.BufferedInputStream:close
unanalyzedcall on java.io.BufferedOutputStream:close
unanalyzedcall on java.io.IOException:getMessage
unanalyzedcall on java.io.IOException










method void copyInputToOutput(InputStream, OutputStream, long)










method void copyInputToOutput(InputStream, OutputStream)
test_vectorjava.io.BufferedInputStream:read(...)@440: {-1}, {-231..-2, 0..232-1}










method String encodePassword(String, String)
prepassword != null
pre(soft) mLogger != null
presumptionencodedPassword.length@484 <= 232-1
presumptionjava.security.MessageDigest:digest(...)@484 != null
presumptionjava.security.MessageDigest:getInstance(...)@471 != null
postjava.lang.StringBuffer:toString(...)._tainted == 0
postreturn_value == One-of{password, &java.lang. StringBuffer:toString(...)}
postreturn_value != null









  infomethod not available-- call on void org.apache.commons.logging. Log:error(Object)










Prev Msg Next Msg
+
low
use of default initcheck might fail: requires init'ed(encodedPassword[ i])
+
warning
test always goes same waytest predetermined because encodedPassword[i] mod 256 == 0
Prev Msg Next Msg










Prev Msg Next Msg
+
low
use of default initcheck might fail: requires init'ed(encodedPassword[ i])
Prev Msg Next Msg











method String encodeString(String)
prestr != null
postreturn_value != null









Prev Msg Next Msg
+
warning
unused assignmentunused assignment into base64
  infomethod not available-- call on void org.apache.commons.codec.binary. Base64()
Prev Msg Next Msg










  infomethod not available-- call on byte[] org.apache.commons.codec.binary. Base64:encodeBase64(byte[])











method String decodeString(String)
prestr != null
postreturn_value == &new String(decodeString#2)
postnew String(decodeString#2) num objects == 1









Prev Msg Next Msg
+
warning
unused assignmentunused assignment into base64
  infomethod not available-- call on void org.apache.commons.codec.binary. Base64()
Prev Msg Next Msg










  infomethod not available-- call on byte[] org.apache.commons.codec.binary. Base64:decodeBase64(byte[])











method String truncate(String, int, int, String)
postinit'ed(java.lang.String:substring(...)._tainted)
postinit'ed(java.lang.StringBuilder:toString(...)._ tainted)
postreturn_value != null
unanalyzedcall on java.lang.String:indexOf
unanalyzedcall on java.lang.String:substring
unanalyzedcall on java.lang.String:length
unanalyzedcall on java.lang.String:trim
test_vectorlower - upper: {-6_442_450_943..0}, {1..6_442_450_943}









Prev Msg Next Msg
+
warning
unused assignmentunused assignment into loc
Prev Msg Next Msg











method String truncateNicely(String, int, int, String)
prestr != null
presumptionjava.lang.String:indexOf(...)@619 + java.lang.String:length(...)@619 in -231..232-1
presumptionjava.lang.String:lastIndexOf(...)@613 <= 232-2
postinit'ed(java.lang.StringBuilder:toString(...)._ tainted)
postreturn_value == One-of{str, &java.lang. StringBuilder:toString(...)}
postreturn_value != null
unanalyzedcall on java.lang.String:indexOf
unanalyzedcall on java.lang.String:substring
unanalyzedcall on java.lang.String:length
unanalyzedcall on java.lang.String:trim
test_vectorlower - upper: {-6_442_450_943..0}, {1..6_442_450_943}










method String truncateText(String, int, int, String)
prestr != null
postinit'ed(java.lang.StringBuilder:toString(...)._ tainted)
postreturn_value == One-of{str, &java.lang. StringBuilder:toString(...)}
postreturn_value != null
unanalyzedcall on java.lang.String:indexOf
unanalyzedcall on java.lang.String:substring
unanalyzedcall on java.lang.String:length
unanalyzedcall on java.lang.String:trim
test_vectorlower - upper: {-6_442_450_943..0}, {1..6_442_450_943}









Prev Msg Next Msg
+
warning
unused assignmentunused assignment into diff
Prev Msg Next Msg










Prev Msg Next Msg
+
warning
unused assignmentunused assignment into loc
Prev Msg Next Msg











method String stripLineBreaks(String)
prestr != null
postreturn_value != null










method String removeVisibleHTMLTags(String)
prestr != null
presumptionjava.lang.StringBuffer:indexOf(...)@714 + java.lang.String:length(...)@716 in -231..232-1
presumptionjava.lang.StringBuffer:indexOf(...)@714 + java.lang.String:length(...)@717 in -231..232-1
presumptionjava.lang.StringBuffer:indexOf(...)@720 <= 232-2
presumptionjava.lang.StringBuffer:indexOf(...)@738 <= 232-2
presumptionjava.lang.StringBuffer:indexOf(...)@741 + java.lang.String:length(...)@744 in -231..232-1
presumptionjava.lang.StringBuffer:indexOf(...)@741 + java.lang.String:length(...)@745 in -231..232-1
presumptionjava.lang.StringBuffer:indexOf(...)@748 <= 232-2
postinit'ed(java.lang.StringBuffer:toString(...)._ tainted)
postreturn_value == &java.lang.StringBuffer:toStrin g(...)
unanalyzedcall on java.lang.String:replaceAll
test_vectorjava.lang.String:endsWith(...)@715: {0}, {1}
test_vectorjava.lang.StringBuffer:charAt(...)@750: {0..46, 48..216-1}, {47}
test_vectorjava.lang.StringBuffer:indexOf(...)@714: {-1}, {-231..-2, 0..232-1}
test_vectorjava.lang.StringBuffer:indexOf(...)@720: {-231..-1}, {0..232-2}
test_vectorjava.lang.StringBuffer:indexOf(...)@738: {-231..-1}, {0..232-3}
test_vectorjava.lang.StringBuffer:indexOf(...)@741: {-231..-1}, {0..232-1}
test_vectorjava.lang.StringBuffer:indexOf(...)@749: {-231..-2, 0..232-2}, {-1}










method String extractHTML(String)
presumptionjava.lang.String:indexOf(...)@778 <= 232-2
postinit'ed(java.lang.StringBuffer:toString(...)._ tainted)
postreturn_value == One-of{&"", str, &java.lang.StringBuffer:toString(...)}
postreturn_value != null
test_vectorstr: Inverse{null}, Addr_Set{null}
test_vectorjava.lang.String:indexOf(...)@772: {-231. .-2, 0..232-1}, {-1}
test_vectorjava.lang.String:indexOf(...)@778: {-231. .-1}, {0..232-2}










method String hexEncode(String)
postinit'ed(return_value)
test_vectororg.apache.commons.lang.StringUtils:isEmpty(... )@798: {0}, {1}









  infomethod not available-- call on bool org.apache.commons.lang. StringUtils:isEmpty(String)










  infomethod not available-- call on String org.apache.roller.util. RegexUtil:encode(String)











method String encodeEmail(String)
postinit'ed(return_value)









  infomethod not available-- call on String org.apache.roller.util. RegexUtil:encodeEmail(String)











method String encode(String)
postinit'ed(return_value)
test_vectors: Addr_Set{null}, Inverse{null}










method String decode(String)
postinit'ed(return_value)
test_vectors: Addr_Set{null}, Inverse{null}










method int stringToInt(String)
pre(soft) mLogger != null
presumptionjava.lang.Integer:valueOf(...)@847 != null
postinit'ed(return_value)









  infomethod not available-- call on void org.apache.commons.logging. Log:debug(Object)











method String toBase64(byte[])
preaValue != null
pre(soft) aValue.length in {0, 3..232-1}
pre(soft) init'ed(aValue[...])
postjava.lang.StringBuffer:toString(...)._tainted == 0
postreturn_value == &java.lang.StringBuffer:toStrin g(...)









Prev Msg Next Msg
+
warning
unused assignmentunused assignment into m_strBase64Chars
Prev Msg Next Msg











method String stripInvalidTagCharacters(String)
pretag != null
presumptioncharArray.length@893 <= 232-1
postjava.lang.StringBuffer:toString(...)._tainted == 0
postreturn_value == &java.lang.StringBuffer:toStrin g(...)
test_vectorjava.lang.Character:isUnicodeIdentifierPart(... )@904: {1}, {0}
test_vectorjava.lang.Character:isUnicodeIdentifierStart(... )@904: {0}, {1}









Prev Msg Next Msg
+
low
use of default initcheck might fail: requires init'ed(charArray[i])
Prev Msg Next Msg










Prev Msg Next Msg
+
low
use of default initcheck might fail: requires init'ed(c)
Prev Msg Next Msg










Prev Msg Next Msg
+
low
use of default initcheck might fail: requires init'ed(c)
Prev Msg Next Msg










Prev Msg Next Msg
+
low
use of default initcheck might fail: requires init'ed(charArray[i])
Prev Msg Next Msg











method String normalizeTag(String, Locale)
pretag != null
postreturn_value != null
unanalyzedcall on java.lang.String:toCharArray
unanalyzedcall on java.lang.Character:isUnicodeIdentifierPart
unanalyzedcall on java.lang.Character:isUnicodeIdentifierStar t
test_vectorlocale: Inverse{null}, Addr_Set{null}










method List splitStringAsTags(String)
presumptioninit'ed(java.util.Collections.EMPTY_LIST)
postinit'ed(return_value)
test_vectororg.apache.commons.lang.StringUtils:split(... )@922: Inverse{null}, Addr_Set{null}









  infomethod not available-- call on String[] org.apache.commons.lang. StringUtils:split(String, String)











method String transformToHTMLSubset(String)
presumptionjava.util.regex.Matcher:replaceAll(...)@985 != null
presumptionjava.util.regex.Pattern:compile(...)@43 != null
presumptionjava.util.regex.Pattern:compile(...)@45 != null
presumptionjava.util.regex.Pattern:compile(...)@47 != null
presumptionjava.util.regex.Pattern:compile(...)@49 != null
presumptionjava.util.regex.Pattern:compile(...)@51 != null
presumptionjava.util.regex.Pattern:compile(...)@53 != null
presumptionjava.util.regex.Pattern:compile(...)@55 != null
presumptionjava.util.regex.Pattern:compile(...)@57 != null
presumptionjava.util.regex.Pattern:compile(...)@59 != null
presumptionjava.util.regex.Pattern:compile(...)@61 != null
presumptionjava.util.regex.Pattern:compile(...)@63 != null
presumptionjava.util.regex.Pattern:compile(...)@65 != null
presumptionjava.util.regex.Pattern:compile(...)@67 != null
presumptionjava.util.regex.Pattern:compile(...)@69 != null
presumptionjava.util.regex.Pattern:compile(...)@71 != null
presumptionjava.util.regex.Pattern:compile(...)@73 != null
presumptionjava.util.regex.Pattern:compile(...)@75 != null
presumptionjava.util.regex.Pattern:compile(...)@77 != null
presumptionjava.util.regex.Pattern:compile(...)@79 != null
presumptionjava.util.regex.Pattern:compile(...)@81 != null
presumptionjava.util.regex.Pattern:matcher(...)@964 != null
postinit'ed(java.lang.StringBuilder:toString(...)._ tainted)
postinit'ed(return_value)
unanalyzedcall on java.util.regex.Pattern:matcher
unanalyzedcall on java.util.regex.Matcher:replaceAll
test_vectors: Inverse{null}, Addr_Set{null}
test_vectorjava.util.regex.Matcher:find(...)@965: {0}, {1}










method String replace(String, Pattern, String)
prepattern != null
presumptionjava.util.regex.Pattern:matcher(...)@984 != null
postinit'ed(return_value)