PhexSecurityManager.java
| Index Score | ||
|---|---|---|
 |
 |
phex.security |
 |
 |
Phex |
View: Reasons, Metrics, Source Code
These are the metrics that contribute to the Enerjy Score for this file, ranked by impact. So the metrics listed at the top influence the score to a greater extent that the metrics listed at the bottom.
| Metric | Description | |
|---|---|---|
| EXITS | Procedure exits |  |
| JAVA0177 | JAVA0177 Variable declaration missing initializer | |
| SIZE | Size of the file in bytes | |
| LOC | Lines of code | |
| LINE_COMMENT | Number of line comments | |
| UNIQUE_OPERANDS | Number of unique operands | |
| ELOC | Effective lines of code | |
| PROGRAM_VOCAB | Halstead program vocabulary | |
| OPERATORS | Number of operators | |
| PROGRAM_LENGTH | Halstead program length | |
| JAVA0117 | JAVA0117 Missing javadoc: method 'method' | |
| OPERANDS | Number of operands | |
| BLOCKS | Number of blocks | |
| LOGICAL_LINES | Number of statements | |
| JAVA0049 | JAVA0049 Nested block at depth N (maximum: M) | |
| JAVA0034 | JAVA0034 Missing braces in if statement | |
| LINES | Number of lines in the source file | |
| CYCLOMATIC | Cyclomatic complexity | |
| NEST_DEPTH | Maximum nesting depth | |
| EXEC_COMMENTS | Comments in executable code | |
| COMPARISONS | Number of comparison operators | |
| PARAMS | Number of formal parameter declarations | |
| JAVA0076 | JAVA0076 Use of magic number | |
| UNIQUE_OPERATORS | Number of unique operators | |
| INTERFACE_COMPLEXITY | Interface complexity | |
| PROGRAM_VOLUME | Halstead program volume | |
| JAVA0136 | JAVA0136 N methods defined in class (maximum: M) | |
| JAVA0138 | JAVA0138 N parameters defined for method (maximum: M) | |
| JAVA0126 | JAVA0126 Method declares unchecked exception in throws | |
| JAVA0110 | JAVA0110 Incorrect javadoc: no @return tag | |
| JAVA0108 | JAVA0108 Incorrect javadoc: no @param tag for 'parameter' | |
| DOC_COMMENT | Number of javadoc comment lines | |
| JAVA0130 | JAVA0130 Non-static method does not use instance fields | |
| JAVA0270 | JAVA0270 Use Java 5.0 enhanced for loop construct to iterate over all elements in an array | |
| JAVA0145 | JAVA0145 Tab character used in source file | |
| COMMENTS | Comment lines | |
/*
* PHEX - The pure-java Gnutella-servent.
* Copyright (C) 2001 - 2008 Phex Development Group
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* --- SVN Information ---
* $Id: PhexSecurityManager.java 4205 2008-06-18 09:49:16Z gregork $
*/
package phex.security;
import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import phex.common.AbstractLifeCycle;
import phex.common.Environment;
import phex.common.EnvironmentConstants;
import phex.common.ExpiryDate;
import phex.common.URN;
import phex.common.address.AddressUtils;
import phex.common.address.DestAddress;
import phex.common.address.IpAddress;
import phex.common.file.FileManager;
import phex.common.file.ManagedFile;
import phex.common.file.ManagedFileException;
import phex.common.log.NLogger;
import phex.event.ContainerEvent;
import phex.event.PhexEventTopics;
import phex.event.UserMessageListener;
import phex.prefs.core.SecurityPrefs;
import phex.servent.Servent;
import phex.share.SharedResource;
import phex.utils.StringUtils;
import phex.utils.VersionUtils;
import phex.xml.sax.DPhex;
import phex.xml.sax.XMLBuilder;
import phex.xml.sax.security.DIpAccessRule;
import phex.xml.sax.security.DSecurity;
import phex.xml.sax.security.DSecurityRule;
public class PhexSecurityManager extends AbstractLifeCycle
{
private static final String[] SHA1_FILES =
{
"BearShare and LimeWire Pro scams and worms.SHA1",
"Fakes.SHA1",
"SPAM - 0-8K bytes - How2 [open with notepad.avi].SHA1",
"SPAM - 15,872, 70-170K bytes - EFreeClub.SHA1",
"SPAM - 22 bytes - Empty zip files.SHA1",
"SPAM - Various.SHA1",
"TROJAN - 50-80K bytes - ISTbar.SHA1",
"TROJAN - 61-62K bytes - Mainpean StarDialer.SHA1",
"TROJAN - 81,964 bytes - WinVBIE Toolbar.SHA1",
"TROJAN - 233472 bytes - Dropper.Generic.DZD.SHA1",
"TROJAN - 783843 bytes - Crypt.B.SHA1",
"WORM - 71,070 bytes - W32.Alcra.C.SHA1",
"WORM - 123897 bytes - GEDZAC VBS-Israfel.SHA1",
"WORM - 178861 bytes - IRC.Backdoor.SdBot.LFI.SHA1",
"WORM - 202477 bytes - Generic.FX!CME-24.SHA1",
"WORM - 535082 bytes - W32.Alcra.D.SHA1",
"WORM - 643767 bytes - VB.FL.SHA1",
"WORM - 872159 bytes - VB.CC.SHA1",
"Phex Collected.SHA1"
};
/**
* A list of all ip access rules.
*/
private ArrayList<IpSecurityRule> ipAccessRuleList;
/**
* Ip list containing Phex default system rules.
*/
private final IpSystemRuleList ipSystemRuleList;
/**
* Ip list containing user rules. We mainly need an additional list for users
* to distinguish between different AccessTypes.
*/
private final IpSystemRuleList ipUserRuleList;
private final Set<String> blockedUrnSet;
private final HashMap<SharedResource, IpPortSystemRuleList> eligibleIpListMap;
public PhexSecurityManager()
{
ipAccessRuleList = new ArrayList<IpSecurityRule>();
ipSystemRuleList = new IpSystemRuleList();
ipUserRuleList = new IpSystemRuleList();
blockedUrnSet = new HashSet<String>();
eligibleIpListMap = new HashMap<SharedResource, IpPortSystemRuleList>();
}
public void addIpSystemRuleListToSharedResource(Object key, String IpAddressStr, int port)
{
int ip = AddressUtils.parseDottedIpToInt(IpAddressStr);
IpSystemSecurityRule rule = new IpSystemSecurityRule(ip, (byte)32);
IpPortSystemRuleList rulesList = this.eligibleIpListMap.get(key);
if (rulesList == null) {
rulesList = new IpPortSystemRuleList();
this.eligibleIpListMap.put((SharedResource)key, rulesList);
}
rulesList.add(new IpPortAddress(IpAddressStr, port), rule);
}
public void removeIpSystemRuleListFromSharedResource(Object key)
{
// The key is an instance of SharedResource object
IpPortSystemRuleList rulesList = eligibleIpListMap.get(key);
if (rulesList != null) {
eligibleIpListMap.remove(key);
rulesList.removeAll();
}
}
public boolean isEligibleIpAddress(byte[] hostIP, Object key)
{
IpPortSystemRuleList rulesList = null;
IpCidrPair checkPair = null;
// hostIP is null if PHEX_EXTENDED_ORIGIN attribute is not sent at all.
if (hostIP != null) {
checkPair = new IpCidrPair( AddressUtils.byteIpToIntIp(hostIP) );
}
// The key is an instance of SharedResource object
rulesList = this.eligibleIpListMap.get(key);
if (rulesList == null) {
// assumption1: if no ipRulesList is defined for this SharedResource the return back the specific resource
return true;
}
if (checkPair == null) {
// assumption2: if no PHEX_EXTENDED_ORIGIN attribute is sent, do not return this resource.
return false;
}
return (rulesList.containsRuleAndPort(checkPair, new IpPortAddress(hostIP)));
}
public AccessType controlUrnAccess( URN urn )
{
if ( urn.isSha1Nid() )
{
if( blockedUrnSet.contains( urn.getSHA1Nss() ) )
{
return AccessType.ACCESS_STRONGLY_DENIED;
}
}
return AccessType.ACCESS_GRANTED;
}
private void loadHostileSha1List()
{
if ( !SecurityPrefs.LoadHostileSha1List.get().booleanValue() )
{
return;
}
try
{
NLogger.debug( PhexSecurityManager.class,
"Load hostile sha1 files." );
long start = System.currentTimeMillis();
for ( int i = 0; i < SHA1_FILES.length; i++ )
{
InputStream inStream = ClassLoader.getSystemResourceAsStream(
"phex/resources/sha1/" + SHA1_FILES[i] );
BufferedReader br;
if ( inStream != null )
{
br = new BufferedReader( new InputStreamReader( inStream ) );
}
else
{
NLogger.debug( PhexSecurityManager.class,
"Hostile sha1 file not found: " + SHA1_FILES[i] );
continue;
}
String line;
while ( (line = br.readLine()) != null)
{
if ( StringUtils.isEmpty(line) || line.startsWith("#") )
{
continue;
}
if ( line.length() != 32 )
{
NLogger.warn( PhexSecurityManager.class,
"Skip invalid line: " + line + " in " + SHA1_FILES[i]);
continue;
}
boolean succ = blockedUrnSet.add(line);
if ( !succ && NLogger.isDebugEnabled( PhexSecurityManager.class ) )
{
NLogger.warn( PhexSecurityManager.class,
"Found dupplicate: " + line + " in " + SHA1_FILES[i] );
}
}
br.close();
}
long end = System.currentTimeMillis();
NLogger.debug( PhexSecurityManager.class,
"Loaded hostile sha1 file: " + (end-start) );
}
catch ( IOException exp )
{
NLogger.warn( PhexSecurityManager.class, exp, exp );
}
}
/////////////////// IP access rules //////////////////////
public int getIPAccessRuleCount()
{
synchronized( ipAccessRuleList )
{
return ipAccessRuleList.size();
}
}
public IpSecurityRule getIPAccessRule( int index )
{
synchronized( ipAccessRuleList )
{
if ( index < 0 || index >= ipAccessRuleList.size() )
{
return null;
}
return ipAccessRuleList.get( index );
}
}
public IpSecurityRule[] getIPAccessRulesAt( int[] indices )
{
synchronized( ipAccessRuleList )
{
int length = indices.length;
IpSecurityRule[] rules = new IpSecurityRule[ length ];
int listSize = ipAccessRuleList.size();
for ( int i = 0; i < length; i++ )
{
if ( indices[i] < 0 || indices[i] >= listSize )
{
rules[i] = null;
}
else
{
rules[i] = ipAccessRuleList.get( indices[i] );
}
}
return rules;
}
}
public IpUserSecurityRule createIPAccessRule( String description,
byte[] ip, byte cidr, boolean isDisabled, ExpiryDate expiryDate,
boolean isDeletedOnExpiry )
{
IpUserSecurityRule rule = new IpUserSecurityRule( description,
ip, cidr, isDisabled, isDeletedOnExpiry, expiryDate );
int position;
synchronized( ipAccessRuleList )
{
position = ipAccessRuleList.size();
ipAccessRuleList.add( rule );
}
ipUserRuleList.add( rule );
fireSecurityRuleAdded( rule, position );
return rule;
}
public IpUserSecurityRule updateIpUserSecurityRule( IpUserSecurityRule oldRule,
String description, byte[] ip, byte cidr, boolean isDisabled,
ExpiryDate expiryDate, boolean isDeletedOnExpiry )
{
IpUserSecurityRule rule = new IpUserSecurityRule( description,
ip, cidr, isDisabled, isDeletedOnExpiry, expiryDate );
rule.setTriggerCount( oldRule.getTriggerCount() );
removeSecurityRule( oldRule );
int position;
synchronized( ipAccessRuleList )
{
position = ipAccessRuleList.size();
ipAccessRuleList.add( rule );
}
ipUserRuleList.add( rule );
fireSecurityRuleAdded( rule, position );
return rule;
}
public void removeSecurityRule( SecurityRule rule )
{
int idx;
synchronized( ipAccessRuleList )
{
idx = ipAccessRuleList.indexOf( rule );
if ( idx != -1 )
{
ipAccessRuleList.remove( idx );
}
}
if ( idx != -1 )
{
ipUserRuleList.remove( (IpSecurityRule)rule );
fireSecurityRuleRemoved( rule, idx );
}
}
public AccessType controlHostAddressAccess( DestAddress address )
{
IpAddress ipAddress = address.getIpAddress();
if ( ipAddress == null )
{// no ip address... security is not checking not ip based addresses.
return AccessType.ACCESS_GRANTED;
}
byte[] hostIP = ipAddress.getHostIP();
return controlHostIPAccess( hostIP );
}
public AccessType controlHostIPAccess( byte[] hostIP )
{
IpCidrPair checkPair = new IpCidrPair( AddressUtils.byteIpToIntIp(hostIP) );
boolean contains = ipSystemRuleList.contains( checkPair );
if ( contains )
{
return AccessType.ACCESS_STRONGLY_DENIED;
}
contains = ipUserRuleList.contains( checkPair );
if ( contains )
{
return AccessType.ACCESS_DENIED;
}
return AccessType.ACCESS_GRANTED;
}
private void loadHostileHostList( Map<String, DIpAccessRule> systemRuleMap )
{
if ( !SecurityPrefs.LoadHostileHostList.get().booleanValue() )
{
return;
}
try
{
NLogger.debug( PhexSecurityManager.class,
"Load hostile hosts file." );
long start = System.currentTimeMillis();
InputStream inStream = ClassLoader.getSystemResourceAsStream(
"phex/resources/hostiles/gtkg-hostiles.txt" );
//"phex/resources/hostilehosts.gz" );
BufferedReader br;
if ( inStream != null )
{
br = new BufferedReader( new InputStreamReader( /*new GZIPInputStream(*/ inStream /*)*/ ) );
}
else
{
NLogger.debug( PhexSecurityManager.class,
"Hostile hosts file not found." );
return;
}
String line;
int ip;
byte cidr;
IpSystemSecurityRule rule;
while ( (line = br.readLine()) != null)
{
if ( line.startsWith("#") )
{
continue;
}
line = line.trim();
if ( StringUtils.isEmpty(line) )
{
continue;
}
int slashIdx = line.indexOf( '/' );
if ( slashIdx == -1 )
{// single ip...
ip = AddressUtils.parseDottedIpToInt( line );
cidr = 32;
}
else
{
String ipStr = line.substring( 0, slashIdx ).trim();
String extensionStr = line.substring( slashIdx + 1 ).trim();
ip = AddressUtils.parseDottedIpToInt( ipStr );
cidr = AddressUtils.parseNetmaskToCidr( extensionStr );
}
rule = new IpSystemSecurityRule( ip, cidr );
// adjust hit count..
DSecurityRule xjbRule = findSystemXJBRule( systemRuleMap, ip,
cidr );
if ( xjbRule != null )
{
rule.setTriggerCount( xjbRule.getTriggerCount() );
}
ipAccessRuleList.add( rule );
ipSystemRuleList.add( rule );
//if ( ipAccessRuleList.size()%10000==0)
//{
// long end = System.currentTimeMillis();
// NLogger.debug( NLoggerNames.Security,
// "Part: " + ((double)(end-start)/(double)ipAccessRuleList.size()) + " " + ipAccessRuleList.size() );
//}
}
br.close();
long end = System.currentTimeMillis();
NLogger.debug( PhexSecurityManager.class,
"Loaded hostile hosts file: " + (end-start) );
}
catch ( IOException exp )
{
NLogger.warn( PhexSecurityManager.class, exp, exp );
}
}
private DSecurityRule findSystemXJBRule( Map<String, DIpAccessRule> systemRuleMap, int ip,
byte cidr )
{
DSecurityRule xjbRule = systemRuleMap.get(
AddressUtils.ip2string(ip) + "/" + cidr );
if ( xjbRule == null || !xjbRule.isSystemRule())
{
return null;
}
return xjbRule;
}
private void loadSecurityRuleList()
{
NLogger.debug( PhexSecurityManager.class,
"Loading security rule list..." );
File securityFile = Environment.getInstance().getPhexConfigFile(
EnvironmentConstants.XML_SECURITY_FILE_NAME );
DPhex dPhex;
try
{
if ( securityFile.exists() )
{
FileManager fileMgr = FileManager.getInstance();
ManagedFile managedFile = fileMgr.getReadWriteManagedFile( securityFile );
dPhex = XMLBuilder.loadDPhexFromFile( managedFile );
}
else
{
dPhex = new DPhex();
}
DSecurity dSecurity = dPhex.getSecurityList();
if ( dSecurity == null )
{
NLogger.debug( PhexSecurityManager.class,
"No security definition found." );
dSecurity = new DSecurity();
}
synchronized( ipAccessRuleList )
{
List<DSecurityRule> dRuleList = dSecurity.getIpAccessRuleList();
Map<String, DIpAccessRule> systemRuleMap = new HashMap<String, DIpAccessRule>();
for( DSecurityRule dRule : dRuleList )
{
// currently we only have DIpAccessRules
DIpAccessRule dIpRule = (DIpAccessRule)dRule;
if( dIpRule.hasDenyingRule() && !dIpRule.isDenyingRule() )
{
// currently we don't support ACCEPT IP rules
// this is done to improve performance in the lookup
// process. A different solution would be to inverse
// all ACCEPT rules to achieve the same effect. Is it
// worth the extra work? TODO3
continue;
}
if ( !dRule.isSystemRule() )
{
if ( dIpRule.hasCidr() )
{
IpUserSecurityRule rule = new IpUserSecurityRule(
dIpRule.getDescription(), dIpRule.getIp(),
dIpRule.getCidr(), dIpRule.isDisabled(),
dIpRule.isDeletedOnExpiry(), dIpRule.getExpiryDate() );
rule.setTriggerCount( dIpRule.getTriggerCount() );
ipAccessRuleList.add( rule );
ipUserRuleList.add( rule );
}
else
{
if ( dIpRule.getAddressType() == DIpAccessRule.NETWORK_MASK )
{
IpUserSecurityRule rule = new IpUserSecurityRule(
dIpRule.getDescription(), dIpRule.getIp(),
AddressUtils.calculateCidr( dIpRule.getCompareIp() ),
dIpRule.isDisabled(), dIpRule.isDeletedOnExpiry(),
dIpRule.getExpiryDate() );
rule.setTriggerCount( dIpRule.getTriggerCount() );
ipAccessRuleList.add( rule );
ipUserRuleList.add( rule );
}
else if ( dIpRule.getAddressType() == DIpAccessRule.SINGLE_ADDRESS )
{
IpUserSecurityRule rule = new IpUserSecurityRule(
dIpRule.getDescription(), dIpRule.getIp(),
(byte)32, dIpRule.isDisabled(),
dIpRule.isDeletedOnExpiry(), dIpRule.getExpiryDate() );
rule.setTriggerCount( dIpRule.getTriggerCount() );
ipAccessRuleList.add( rule );
ipUserRuleList.add( rule );
}
else if ( dIpRule.getAddressType() == DIpAccessRule.NETWORK_RANGE )
{
List<IpCidrPair> pairList = AddressUtils.range2cidr(
dIpRule.getIp(), dIpRule.getCompareIp() );
for ( IpCidrPair pair : pairList )
{
IpUserSecurityRule rule = new IpUserSecurityRule(
dIpRule.getDescription(), pair.ipAddr,
pair.cidr, dIpRule.isDisabled(),
dIpRule.isDeletedOnExpiry(), dIpRule.getExpiryDate() );
rule.setTriggerCount( dIpRule.getTriggerCount() );
ipAccessRuleList.add( rule );
ipUserRuleList.add( rule );
}
}
}
}
else
{
if ( dIpRule.hasCidr() )
{
String keyStr = AddressUtils.ip2string( dIpRule.getIp() )
+ "/" + String.valueOf( dIpRule.getCidr() );
systemRuleMap.put( keyStr, dIpRule);
}
else
{
StringBuffer keyBuf = new StringBuffer( AddressUtils.ip2string( dIpRule.getIp() ) );
keyBuf.append( "/" );
if ( dIpRule.getCompareIp() == null )
{
keyBuf.append( "32" );
}
else
{
keyBuf.append( AddressUtils.calculateCidr(
dIpRule.getCompareIp() ) );
}
systemRuleMap.put( keyBuf.toString(), dIpRule);
}
}
}
loadHostileHostList( systemRuleMap );
// optimize ipAccessRuleList
ipAccessRuleList.trimToSize();
}
}
catch ( IOException exp )
{
NLogger.error( PhexSecurityManager.class, exp, exp );
Environment.getInstance().fireDisplayUserMessage(
UserMessageListener.SecuritySettingsLoadFailed,
new String[]{ exp.toString() } );
return;
}
catch ( ManagedFileException exp )
{
NLogger.error( PhexSecurityManager.class, exp, exp );
Environment.getInstance().fireDisplayUserMessage(
UserMessageListener.SecuritySettingsLoadFailed,
new String[]{ exp.toString() } );
return;
}
}
private void saveSecurityRuleList()
{
NLogger.debug( PhexSecurityManager.class, "Saving security rule list..." );
try
{
DPhex dPhex = new DPhex();
dPhex.setPhexVersion( VersionUtils.getFullProgramVersion() );
DSecurity security = new DSecurity();
dPhex.setSecurityList( security );
synchronized( ipAccessRuleList )
{
for ( IpSecurityRule rule : ipAccessRuleList )
{
if ( !rule.isSystemRule() && rule.isDeletedOnExpiry() &&
( rule.getExpiryDate().isExpiringEndOfSession() ||
rule.getExpiryDate().isExpired() ) )
{// skip session expiry rules that get deleted on expiry...
// except if they are system rules
continue;
}
if ( rule.isSystemRule() && rule.getTriggerCount() == 0)
{// we don't care about system rules with no trigger count.
continue;
}
DSecurityRule dRule = rule.createDSecurityRule();
security.getIpAccessRuleList().add( dRule );
}
}
File securityFile = Environment.getInstance().getPhexConfigFile(
EnvironmentConstants.XML_SECURITY_FILE_NAME );
ManagedFile managedFile = FileManager.getInstance().getReadWriteManagedFile( securityFile );
XMLBuilder.saveToFile( managedFile, dPhex );
}
catch ( IOException exp )
{
// TODO during close this message is never displayed since application
// will exit too fast. A solution to delay exit process in case
// SlideInWindows are open needs to be found.
NLogger.error( PhexSecurityManager.class, exp, exp );
Environment.getInstance().fireDisplayUserMessage(
UserMessageListener.SecuritySettingsSaveFailed,
new String[]{ exp.toString() } );
}
catch ( ManagedFileException exp )
{
// TODO during close this message is never displayed since application
// will exit too fast. A solution to delay exit process in case
// SlideInWindows are open needs to be found.
NLogger.error( PhexSecurityManager.class, exp, exp );
Environment.getInstance().fireDisplayUserMessage(
UserMessageListener.SecuritySettingsSaveFailed,
new String[]{ exp.toString() } );
}
}
//////////////////////// Start LifeCycle Methods ///////////////////////////
/**
* {@inheritDoc}
*/
@Override
public void doStart()
{
loadSecurityRuleList();
loadHostileSha1List();
}
/**
* {@inheritDoc}
*/
@Override
public void doStop()
{
saveSecurityRuleList();
}
//////////////////////// End LifeCycle Methods ///////////////////////////
///////////////////// START event handling methods /////////////////////////
private void fireSecurityRuleAdded( final SecurityRule rule, final int position )
{
Servent.getInstance().getEventService().publish( PhexEventTopics.Security_Rule ,
new ContainerEvent( ContainerEvent.Type.ADDED, rule, this, position ) );
}
private void fireSecurityRuleRemoved( final SecurityRule rule, final int position )
{
Servent.getInstance().getEventService().publish( PhexEventTopics.Security_Rule ,
new ContainerEvent( ContainerEvent.Type.REMOVED, rule, this, position ) );
}
///////////////////// END event handling methods ////////////////////////
}
The table below shows all metrics for PhexSecurityManager.java.
| Metric | Value | Description | |
|---|---|---|---|
| BLOCKS | 94.00 | Number of blocks | |
| BLOCK_COMMENT | 21.00 | Number of block comment lines | |
| COMMENTS | 69.00 | Comment lines | |
| COMMENT_DENSITY | 0.17 | Comment density | |
| COMPARISONS | 52.00 | Number of comparison operators | |
| CYCLOMATIC | 79.00 | Cyclomatic complexity | |
| DECL_COMMENTS | 11.00 | Comments in declarations | |
| DOC_COMMENT | 16.00 | Number of javadoc comment lines | |
| ELOC | 398.00 | Effective lines of code | |
| EXEC_COMMENTS | 14.00 | Comments in executable code | |
| EXITS | 102.00 | Procedure exits | |
| FUNCTIONS | 22.00 | Number of function declarations | |
| HALSTEAD_DIFFICULTY | 76.97 | Halstead difficulty | |
| HALSTEAD_EFFORT | 0.00 | Halstead effort | |
| INTERFACE_COMPLEXITY | 68.00 | Interface complexity | |
| JAVA0001 | 0.00 | JAVA0001 Package name does not contain only lower case letters | |
| JAVA0002 | 1.00 | JAVA0002 Package name does not begin with a top level domain name or country code | |
| JAVA0003 | 0.00 | JAVA0003 Minimize use of on-demand (.*) imports | |
| JAVA0004 | 0.00 | JAVA0004 Unnecessary import from java.lang | |
| JAVA0005 | 0.00 | JAVA0005 Imports not in specified order | |
| JAVA0006 | 0.00 | JAVA0006 Empty finally block | |
| JAVA0007 | 0.00 | JAVA0007 Should not declare public field | |
| JAVA0008 | 0.00 | JAVA0008 Empty catch block | |
| JAVA0009 | 0.00 | JAVA0009 Protected member in final class | |
| JAVA0010 | 0.00 | JAVA0010 Non-instantiable class does not contain a non-private static member | |
| JAVA0011 | 0.00 | JAVA0011 Abstract class does not contain an abstract method | |
| JAVA0012 | 0.00 | JAVA0012 Non-constructor method with same name as declaring class | |
| JAVA0013 | 0.00 | JAVA0013 Non-blank final field is not static | |
| JAVA0014 | 0.00 | JAVA0014 Class with only static members has non-private constructor | |
| JAVA0015 | 0.00 | JAVA0015 Package class contains public nested type | |
| JAVA0016 | 0.00 | JAVA0016 Abstract class contains public constructor | |
| JAVA0017 | 0.00 | JAVA0017 Class name does not have required form | |
| JAVA0018 | 0.00 | JAVA0018 Method name does not have required form | |
| JAVA0019 | 0.00 | JAVA0019 Interface name does not have required form | |
| JAVA0020 | 0.00 | JAVA0020 Field name does not have required form | |
| JAVA0021 | 0.00 | JAVA0021 Interface method name does not have required form | |
| JAVA0022 | 0.00 | JAVA0022 Static final field name does not have required form | |
| JAVA0023 | 0.00 | JAVA0023 Empty finalize method | |
| JAVA0024 | 0.00 | JAVA0024 Empty class | |
| JAVA0025 | 0.00 | JAVA0025 Method override is empty | |
| JAVA0026 | 0.00 | JAVA0026 Finalize method with parameters | |
| JAVA0029 | 0.00 | JAVA0029 Private method not used | |
| JAVA0030 | 0.00 | JAVA0030 Private field not used | |
| JAVA0031 | 0.00 | JAVA0031 Case statement not properly closed | |
| JAVA0032 | 0.00 | JAVA0032 Switch statement missing default | |
| JAVA0033 | 0.00 | JAVA0033 default: not last case in switch statement | |
| JAVA0034 | 0.00 | JAVA0034 Missing braces in if statement | |
| JAVA0035 | 0.00 | JAVA0035 Missing braces in for statement | |
| JAVA0036 | 0.00 | JAVA0036 Missing braces in while statement | |
| JAVA0038 | 0.00 | JAVA0038 Non-case label in switch statement | |
| JAVA0039 | 0.00 | JAVA0039 Break statement with label | |
| JAVA0040 | 0.00 | JAVA0040 Switch statement contains N cases (maximum: M) | |
| JAVA0041 | 0.00 | JAVA0041 Nested synchronized block | |
| JAVA0042 | 0.00 | JAVA0042 Empty synchronized statement | |
| JAVA0043 | 0.00 | JAVA0043 Inner class does not use outer class | |
| JAVA0044 | 0.00 | JAVA0044 Serializable class with no instance variables | |
| JAVA0045 | 0.00 | JAVA0045 Serializable class with only transient fields | |
| JAVA0046 | 0.00 | JAVA0046 Name of class not derived from Exception ends with 'Exception' | |
| JAVA0047 | 0.00 | JAVA0047 Serializable class derives from invalid base class | |
| JAVA0048 | 0.00 | JAVA0048 Name of class derived from Exception does not end with 'Exception' | |
| JAVA0049 | 4.00 | JAVA0049 Nested block at depth N (maximum: M) | |
| JAVA0050 | 0.00 | JAVA0050 Class derives from java.lang.Error | |
| JAVA0051 | 0.00 | JAVA0051 Class derives from java.lang.RuntimeException | |
| JAVA0052 | 0.00 | JAVA0052 Class derives from java.lang.Throwable | |
| JAVA0053 | 0.00 | JAVA0053 Unused label | |
| JAVA0054 | 0.00 | JAVA0054 Inheritance depth N exceeds maximum M | |
| JAVA0055 | 0.00 | JAVA0055 Class should be interface | |
| JAVA0056 | 0.00 | JAVA0056 Unnecessary abstract modifier for interface or annotation | |
| JAVA0057 | 0.00 | JAVA0057 Unnecessary default constructor | |
| JAVA0058 | 0.00 | JAVA0058 Constructor calls super() | |
| JAVA0059 | 0.00 | JAVA0059 Method override only calls super() | |
| JAVA0061 | 0.00 | JAVA0061 Inaccessible member in anonymous class | |
| JAVA0062 | 0.00 | JAVA0062 Public class missing public member or protected constructor | |
| JAVA0063 | 0.00 | JAVA0063 Identifier name should not contain '$' | |
| JAVA0064 | 0.00 | JAVA0064 N variations of identifier name (maximum: M) | |
| JAVA0065 | 0.00 | JAVA0065 Unnecessary final modifier for method in final class | |
| JAVA0066 | 0.00 | JAVA0066 Unnecessary modifier for interface nested type | |
| JAVA0067 | 0.00 | JAVA0067 Array descriptor on identifier name | |
| JAVA0068 | 0.00 | JAVA0068 Modifiers not declared in recommended order | |
| JAVA0071 | 0.00 | JAVA0071 Strings compared with == | |
| JAVA0073 | 0.00 | JAVA0073 Integer division in floating-point context | |
| JAVA0074 | 0.00 | JAVA0074 Use of Object.notify() | |
| JAVA0075 | 0.00 | JAVA0075 Method parameter hides field | |
| JAVA0076 | 4.00 | JAVA0076 Use of magic number | |
| JAVA0077 | 0.00 | JAVA0077 Private field not used in declaring class | |
| JAVA0078 | 0.00 | JAVA0078 Floating point values compared with == | |
| JAVA0079 | 0.00 | JAVA0079 Use of instance to reference static member | |
| JAVA0080 | 0.00 | JAVA0080 Import declaration not used | |
| JAVA0081 | 0.00 | JAVA0081 Boolean literal in comparison | |
| JAVA0082 | 0.00 | JAVA0082 Unnecessary widening cast | |
| JAVA0083 | 0.00 | JAVA0083 Unnecessary instanceof test | |
| JAVA0084 | 0.00 | JAVA0084 Should use compound assignment operator | |
| JAVA0085 | 0.00 | JAVA0085 Use of sun.* class | |
| JAVA0087 | 0.00 | JAVA0087 Use of Thread.sleep() | |
| JAVA0089 | 0.00 | JAVA0089 Use of restricted package | |
| JAVA0092 | 0.00 | JAVA0092 Use of restricted type | |
| JAVA0093 | 0.00 | JAVA0093 Redundant assignment | |
| JAVA0094 | 0.00 | JAVA0094 Field hides a superclass field | |
| JAVA0095 | 0.00 | JAVA0095 Uninitialized private field | |
| JAVA0096 | 0.00 | JAVA0096 Field in nested class hides outer field | |
| JAVA0098 | 0.00 | JAVA0098 Minimize use of implicit field initializers | |
| JAVA0100 | 0.00 | JAVA0100 Class contains N non-final fields (maximum: M) | |
| JAVA0101 | 0.00 | JAVA0101 Unnecessary modifier for field in interface | |
| JAVA0102 | 0.00 | JAVA0102 Last statement in finalize() not super.finalize() | |
| JAVA0103 | 0.00 | JAVA0103 Explicit call to finalize() | |
| JAVA0104 | 0.00 | JAVA0104 finalize() only calls super.finalize() | |
| JAVA0105 | 0.00 | JAVA0105 Duplicate import declaration | |
| JAVA0106 | 0.00 | JAVA0106 Unnecessary import from current package | |
| JAVA0108 | 0.00 | JAVA0108 Incorrect javadoc: no @param tag for 'parameter' | |
| JAVA0109 | 0.00 | JAVA0109 Incorrect javadoc: no parameter 'parameter' | |
| JAVA0110 | 0.00 | JAVA0110 Incorrect javadoc: no @return tag | |
| JAVA0111 | 0.00 | JAVA0111 Incorrect javadoc: @return tag for void method | |
| JAVA0112 | 0.00 | JAVA0112 Incorrect javadoc: no exception 'exception' in throws | |
| JAVA0113 | 0.00 | JAVA0113 Incorrect javadoc: no @author tag | |
| JAVA0114 | 0.00 | JAVA0114 Incorrect javadoc: no @version tag | |
| JAVA0115 | 0.00 | JAVA0115 Incorrect javadoc: no @throws or @exception tag for 'exception' | |
| JAVA0116 | 0.00 | JAVA0116 Missing javadoc: field 'field' | |
| JAVA0117 | 13.00 | JAVA0117 Missing javadoc: method 'method' | |
| JAVA0118 | 1.00 | JAVA0118 Missing javadoc: type 'type' | |
| JAVA0119 | 0.00 | JAVA0119 Control variable changed within body of for loop | |
| JAVA0123 | 0.00 | JAVA0123 Use all three components of for loop | |
| JAVA0125 | 0.00 | JAVA0125 Continue statement with label | |
| JAVA0126 | 0.00 | JAVA0126 Method declares unchecked exception in throws | |
| JAVA0128 | 0.00 | JAVA0128 Public constructor in non-public class | |
| JAVA0130 | 1.00 | JAVA0130 Non-static method does not use instance fields | |
| JAVA0131 | 0.00 | JAVA0131 Compatible method does not override base | |
| JAVA0132 | 0.00 | JAVA0132 Method overload with compatible signature | |
| JAVA0133 | 0.00 | JAVA0133 Non-synchronized method overrides synchronized method | |
| JAVA0135 | 0.00 | JAVA0135 Only one of Object.equals and Object.hashCode defined: missing 'method' | |
| JAVA0136 | 1.00 | JAVA0136 N methods defined in class (maximum: M) | |
| JAVA0137 | 0.00 | JAVA0137 Non-abstract class missing constructor | |
| JAVA0138 | 2.00 | JAVA0138 N parameters defined for method (maximum: M) | |
| JAVA0139 | 0.00 | JAVA0139 Definition of main other than public static void main(java.lang.String[]) | |
| JAVA0141 | 0.00 | JAVA0141 Unnecessary modifier for method in interface | |
| JAVA0143 | 0.00 | JAVA0143 Synchronized method | |
| JAVA0144 | 0.00 | JAVA0144 Line exceeds maximum M characters | |
| JAVA0145 | 0.00 | JAVA0145 Tab character used in source file | |
| JAVA0150 | 0.00 | JAVA0150 java.lang.Error (or subclass) thrown | |
| JAVA0153 | 0.00 | JAVA0153 Inefficient conversion of integer to string | |
| JAVA0159 | 0.00 | JAVA0159 Inefficient conversion of string to integer | |
| JAVA0160 | 0.00 | JAVA0160 Method does not throw specified exception | |
| JAVA0161 | 0.00 | JAVA0161 Conditional wait() not in loop | |
| JAVA0163 | 0.00 | JAVA0163 Empty statement | |
| JAVA0165 | 0.00 | JAVA0165 Conflicting return statement in finally block | |
| JAVA0166 | 0.00 | JAVA0166 Generic exception caught | |
| JAVA0167 | 0.00 | JAVA0167 ThreadDeath not rethrown | |
| JAVA0169 | 0.00 | JAVA0169 Unnecessary catch block: exception 'exception' | |
| JAVA0170 | 0.00 | JAVA0170 Caught exception not derived from java.lang.Exception | |
| JAVA0171 | 0.00 | JAVA0171 Unused local variable | |
| JAVA0173 | 0.00 | JAVA0173 Unused method parameter | |
| JAVA0174 | 0.00 | JAVA0174 Assigned local variable never used | |
| JAVA0175 | 0.00 | JAVA0175 Successive assignment to variable | |
| JAVA0176 | 0.00 | JAVA0176 Local variable name does not have required form | |
| JAVA0177 | 11.00 | JAVA0177 Variable declaration missing initializer | |
| JAVA0179 | 0.00 | JAVA0179 Local variable hides visible field | |
| JAVA0233 | 0.00 | JAVA0233 Definition of serialVersionUID other than 'private static final long serialVersionUID' | |
| JAVA0234 | 0.00 | JAVA0234 Class is Serializable but does not define serialVersionUID | |
| JAVA0235 | 0.00 | JAVA0235 Class defines serialVersionUID but does not implement Serializable | |
| JAVA0236 | 0.00 | JAVA0236 Attempt to clone an object which does not implement Cloneable | |
| JAVA0237 | 0.00 | JAVA0237 Class implements Cloneable but does not have public clone method | |
| JAVA0238 | 0.00 | JAVA0238 Clone method does not call super.clone() | |
| JAVA0239 | 0.00 | JAVA0239 Class declares 'readObject' or 'writeObject' but does not implement Serializable | |
| JAVA0240 | 0.00 | JAVA0240 Serializable class which declares readObject or writeObject but not both | |
| JAVA0241 | 0.00 | JAVA0241 'readObject' or 'writeObject' should be declared private in Serializable class | |
| JAVA0242 | 0.00 | JAVA0242 Transient field in non-Serializable class | |
| JAVA0243 | 0.00 | JAVA0243 'readResolve' or 'writeReplace' should be declared private or protected | |
| JAVA0244 | 0.00 | JAVA0244 Field or method name in subclass differs only by case from inherited field or method | |
| JAVA0245 | 0.00 | JAVA0245 JUnit TestCase with non-trivial constructor | |
| JAVA0246 | 0.00 | JAVA0246 JUnit assertXXX statement missing message parameter | |
| JAVA0247 | 0.00 | JAVA0247 JUnit 'setUp()' and 'tearDown()' should call super method | |
| JAVA0248 | 0.00 | JAVA0248 JUnit method 'setUp' or 'tearDown' with incorrect signature | |
| JAVA0249 | 0.00 | JAVA0249 JUnit TestCase 'suite()' should be declared static | |
| JAVA0250 | 0.00 | JAVA0250 JUnit TestCase declares testXXX method with incorrect signature | |
| JAVA0251 | 0.00 | JAVA0251 Use '%n' for line breaks in printf/format for platform independence | |
| JAVA0252 | 0.00 | JAVA0252 'enum' is a Java 1.5 reserved word | |
| JAVA0253 | 0.00 | JAVA0253 Not all enum constants consumed in switch statement | |
| JAVA0254 | 0.00 | JAVA0254 Use enhanced for loop construct instead of Iterator | |
| JAVA0255 | 0.00 | JAVA0255 Result of method invocation not used | |
| JAVA0256 | 0.00 | JAVA0256 Assignment of external collection/array to field | |
| JAVA0257 | 0.00 | JAVA0257 Use of 'Constant Interface' anti-pattern | |
| JAVA0258 | 0.00 | JAVA0258 Implement Iterable for foreach compatibility | |
| JAVA0259 | 0.00 | JAVA0259 Return of collection/array field | |
| JAVA0260 | 0.00 | JAVA0260 Use 'enum' instead of Enumerated Type pattern | |
| JAVA0261 | 0.00 | JAVA0261 Use specialized Enum collection types | |
| JAVA0262 | 0.00 | JAVA0262 Use of char in integer context | |
| JAVA0263 | 0.00 | JAVA0263 Long literal ends with 'l' instead of 'L' | |
| JAVA0264 | 0.00 | JAVA0264 Integer math in long context - check for overflow | |
| JAVA0265 | 0.00 | JAVA0265 Use of Throwable.printStackTrace() | |
| JAVA0266 | 0.00 | JAVA0266 Use of System.out | |
| JAVA0267 | 0.00 | JAVA0267 Use of System.err | |
| JAVA0269 | 0.00 | JAVA0269 Contents of StringBuffer never used | |
| JAVA0270 | 1.00 | JAVA0270 Use Java 5.0 enhanced for loop construct to iterate over all elements in an array | |
| JAVA0271 | 0.00 | JAVA0271 Minimize use of on-demand (.*) static imports | |
| JAVA0272 | 0.00 | JAVA0272 Thread.run() called | |
| JAVA0273 | 0.00 | JAVA0273 Non-final derivative of Thread calls start() in constructor | |
| JAVA0274 | 0.00 | JAVA0274 Serializable class has a synchronized readObject() | |
| JAVA0275 | 0.00 | JAVA0275 Serializable class has a synchronized writeObject() and no other synchronized methods | |
| JAVA0276 | 0.00 | JAVA0276 Unnecessary use of String constructor | |
| JAVA0277 | 0.00 | JAVA0277 Iterator.next() implementation does not throw NoSuchElementException | |
| JAVA0278 | 0.00 | JAVA0278 Unnecessary use of Boolean constructor | |
| JAVA0279 | 0.00 | JAVA0279 Serialization method readObject or readObjectNoData calls an overridable method | |
| JAVA0280 | 0.00 | JAVA0280 IllegalMonitorStateException caught | |
| JAVA0281 | 0.00 | JAVA0281 Iterator.next() not called in loop | |
| JAVA0282 | 0.00 | JAVA0282 Call to Iterator.next() in loop which does not test Iterator.hasNext() | |
| JAVA0283 | 0.00 | JAVA0283 Control variable not updated in loop body | |
| JAVA0284 | 0.00 | JAVA0284 Explicit garbage collection | |
| JAVA0285 | 0.00 | JAVA0285 Dereference of potentially null variable | |
| JAVA0286 | 0.00 | JAVA0286 Dereference of null variable | |
| JAVA0287 | 0.00 | JAVA0287 Unnecessary null check | |
| JAVA0288 | 0.00 | JAVA0288 Inconsistent null check | |
| LINES | 704.00 | Number of lines in the source file | |
| LINE_COMMENT | 32.00 | Number of line comments | |
| LOC | 579.00 | Lines of code | |
| LOGICAL_LINES | 229.00 | Number of statements | |
| LOOPS | 4.00 | Number of loops | |
| NEST_DEPTH | 8.00 | Maximum nesting depth | |
| OPERANDS | 1096.00 | Number of operands | |
| OPERATORS | 2077.00 | Number of operators | |
| PARAMS | 33.00 | Number of formal parameter declarations | |
| PROGRAM_LENGTH | 3173.00 | Halstead program length | |
| PROGRAM_VOCAB | 406.00 | Halstead program vocabulary | |
| PROGRAM_VOLUME | 0.00 | Halstead program volume | |
| RETURNS | 35.00 | Number of return points from functions | |
| SIZE | 26983.00 | Size of the file in bytes | |
| UNIQUE_OPERANDS | 356.00 | Number of unique operands | |
| UNIQUE_OPERATORS | 50.00 | Number of unique operators | |
| WHITESPACE | 56.00 | Number of whitespace lines | |