Review

Detector:	MuDetect_RankByPatternSupport
Target:	project ' itext ' version 5091
Misuse:	misuse ' dmmc-18 '
Tags:

Misuse Details

Details about the known misuse from the MUBench dataset.

Description:	StringTokenizer.nextToken() is invoked without prior check of hasMoreTokens(). This usage may be safe from context, since the tokenized value is an RBG color value which has a known number of tokens. However, the usage is unsafe against invalid values and we, therefore, consider it a misuse.
Fix Description:
Violation Types:	missing/condition/value_or_state
In File:	com/itextpdf/text/html/WebColors.java
In Method:	getRGBColor(String)
Code with Misuse:	class WebColors { /** * Gives you a BaseColor based on a name. * * @param name * a name such as black, violet, cornflowerblue or #RGB or #RRGGBB * or RGB or RRGGBB or rgb(R,G,B) * @return the corresponding BaseColor object. Never returns null. * @throws IllegalArgumentException * if the String isn't a know representation of a color. / public static BaseColor getRGBColor(String name) throws IllegalArgumentException { int[] c = { 0, 0, 0, 255 }; name = name.toLowerCase(); boolean colorStrWithoutHash = missingHashColorFormat(name); if (name.startsWith("#") \|\| colorStrWithoutHash) { if (!colorStrWithoutHash) { name = name.substring(1); // lop off the # to unify hex parsing. } if (name.length() == 3) { String s = name.substring(0, 1); c[0] = Integer.parseInt(s+s, 16); String s2 = name.substring(1, 2); c[1] = Integer.parseInt(s2+s2, 16); String s3 = name.substring(2); c[2] = Integer.parseInt(s3+s3, 16); return new BaseColor(c[0], c[1], c[2], c[3]); } if (name.length() == 6) { c[0] = Integer.parseInt(name.substring(0, 2), 16); c[1] = Integer.parseInt(name.substring(2, 4), 16); c[2] = Integer.parseInt(name.substring(4), 16); return new BaseColor(c[0], c[1], c[2], c[3]); } throw new IllegalArgumentException(MessageLocalization.getComposedMessage("unknown.color.format.must.be.rgb.or.rrggbb")); } else if (name.startsWith("rgb(")) { StringTokenizer tok = new StringTokenizer(name, "rgb(), \t\r\n\f"); for (int k = 0; k < 3; ++k) { String v = tok.nextToken(); if (v.endsWith("%")) c[k] = Integer.parseInt(v.substring(0, v.length() - 1)) 255 / 100; else c[k] = Integer.parseInt(v); if (c[k] < 0) c[k] = 0; else if (c[k] > 255) c[k] = 255; } return new BaseColor(c[0], c[1], c[2], c[3]); } if (!NAMES.containsKey(name)) // TODO localize this error message. throw new IllegalArgumentException("Color '" + name + "' not found."); c = NAMES.get(name); return new BaseColor(c[0], c[1], c[2], c[3]); } }

Potential Hits

Findings of the detector that identify an anomaly in the same file and method as the known misuse.

Hit	Rank	Confidence	Confidence String	Pattern Examples	Pattern Support	Pattern Violation	Target Environment Mapping
?	1000	0.41666666666667	pattern support = 15 / 36	itext/5091/original-src/com/itextpdf/text/xml/simpleparser/EntitiesToUnicode.java#decodeString(String);itext/5091/original-src/com/itextpdf/text/xml/simpleparser/SimpleXMLParser.java#getDeclaredEncoding(String);itext/5091/original-src/com/itextpdf/awt/geom/misc/Messages.java#format(String, Object[]);itext/5091/original-src/com/itextpdf/text/html/simpleparser/ElementFactory.java#getHyphenation(ChainedProperties);itext/5091/original-src/com/itextpdf/text/pdf/Barcode128.java#setCode(String)	15
?	1001	0.41666666666667	pattern support = 15 / 36	itext/5091/original-src/com/itextpdf/text/xml/simpleparser/EntitiesToUnicode.java#decodeString(String);itext/5091/original-src/com/itextpdf/text/xml/simpleparser/SimpleXMLParser.java#getDeclaredEncoding(String);itext/5091/original-src/com/itextpdf/awt/geom/misc/Messages.java#format(String, Object[]);itext/5091/original-src/com/itextpdf/text/html/simpleparser/ElementFactory.java#getHyphenation(ChainedProperties);itext/5091/original-src/com/itextpdf/text/pdf/Barcode128.java#setCode(String)	15
?	1002	0.41666666666667	pattern support = 15 / 36	itext/5091/original-src/com/itextpdf/text/xml/simpleparser/EntitiesToUnicode.java#decodeString(String);itext/5091/original-src/com/itextpdf/text/xml/simpleparser/SimpleXMLParser.java#getDeclaredEncoding(String);itext/5091/original-src/com/itextpdf/awt/geom/misc/Messages.java#format(String, Object[]);itext/5091/original-src/com/itextpdf/text/html/simpleparser/ElementFactory.java#getHyphenation(ChainedProperties);itext/5091/original-src/com/itextpdf/text/pdf/Barcode128.java#setCode(String)	15
?	1003	0.41666666666667	pattern support = 15 / 36	itext/5091/original-src/com/itextpdf/text/xml/simpleparser/EntitiesToUnicode.java#decodeString(String);itext/5091/original-src/com/itextpdf/text/xml/simpleparser/SimpleXMLParser.java#getDeclaredEncoding(String);itext/5091/original-src/com/itextpdf/awt/geom/misc/Messages.java#format(String, Object[]);itext/5091/original-src/com/itextpdf/text/html/simpleparser/ElementFactory.java#getHyphenation(ChainedProperties);itext/5091/original-src/com/itextpdf/text/pdf/Barcode128.java#setCode(String)	15
?	1004	0.41666666666667	pattern support = 15 / 36	itext/5091/original-src/com/itextpdf/text/xml/simpleparser/EntitiesToUnicode.java#decodeString(String);itext/5091/original-src/com/itextpdf/text/xml/simpleparser/SimpleXMLParser.java#getDeclaredEncoding(String);itext/5091/original-src/com/itextpdf/awt/geom/misc/Messages.java#format(String, Object[]);itext/5091/original-src/com/itextpdf/text/html/simpleparser/ElementFactory.java#getHyphenation(ChainedProperties);itext/5091/original-src/com/itextpdf/text/pdf/Barcode128.java#setCode(String)	15
?	136	1	pattern support = 36 / 36	itext/5091/original-src/com/itextpdf/text/pdf/hyphenation/SimplePatternParser.java#getPattern(String);itext/5091/original-src/com/itextpdf/text/pdf/BaseFont.java#convertToBytes(String);itext/5091/original-src/com/itextpdf/text/pdf/qrcode/Encoder.java#appendAlphanumericBytes(String, BitVector);itext/5091/original-src/com/itextpdf/text/pdf/qrcode/Encoder.java#chooseMode(String, String);itext/5091/original-src/com/itextpdf/text/pdf/Barcode39.java#getBarsCode39(String)	36
?	137	1	pattern support = 36 / 36	itext/5091/original-src/com/itextpdf/text/pdf/hyphenation/SimplePatternParser.java#getPattern(String);itext/5091/original-src/com/itextpdf/text/pdf/BaseFont.java#convertToBytes(String);itext/5091/original-src/com/itextpdf/text/pdf/qrcode/Encoder.java#appendAlphanumericBytes(String, BitVector);itext/5091/original-src/com/itextpdf/text/pdf/qrcode/Encoder.java#chooseMode(String, String);itext/5091/original-src/com/itextpdf/text/pdf/Barcode39.java#getBarsCode39(String)	36
?	138	1	pattern support = 36 / 36	itext/5091/original-src/com/itextpdf/text/pdf/hyphenation/SimplePatternParser.java#getPattern(String);itext/5091/original-src/com/itextpdf/text/pdf/BaseFont.java#convertToBytes(String);itext/5091/original-src/com/itextpdf/text/pdf/qrcode/Encoder.java#appendAlphanumericBytes(String, BitVector);itext/5091/original-src/com/itextpdf/text/pdf/qrcode/Encoder.java#chooseMode(String, String);itext/5091/original-src/com/itextpdf/text/pdf/Barcode39.java#getBarsCode39(String)	36
?	2220	0.27777777777778	pattern support = 10 / 36	itext/5091/original-src/com/itextpdf/text/pdf/PdfDestination.java#PdfDestination(String);itext/5091/original-src/com/itextpdf/text/pdf/BaseFont.java#createEncoding();itext/5091/original-src/com/itextpdf/text/pdf/FdfWriter.java#removeField(String);itext/5091/original-src/com/itextpdf/text/html/HtmlUtilities.java#parseAttributes(String);itext/5091/original-src/com/itextpdf/text/pdf/SimpleNamedDestination.java#createDestinationArray(String, PdfWriter)	10
?	997	0.41666666666667	pattern support = 15 / 36	itext/5091/original-src/com/itextpdf/text/xml/simpleparser/EntitiesToUnicode.java#decodeString(String);itext/5091/original-src/com/itextpdf/text/xml/simpleparser/SimpleXMLParser.java#getDeclaredEncoding(String);itext/5091/original-src/com/itextpdf/awt/geom/misc/Messages.java#format(String, Object[]);itext/5091/original-src/com/itextpdf/text/html/simpleparser/ElementFactory.java#getHyphenation(ChainedProperties);itext/5091/original-src/com/itextpdf/text/pdf/Barcode128.java#setCode(String)	15
?	998	0.41666666666667	pattern support = 15 / 36	itext/5091/original-src/com/itextpdf/text/xml/simpleparser/EntitiesToUnicode.java#decodeString(String);itext/5091/original-src/com/itextpdf/text/xml/simpleparser/SimpleXMLParser.java#getDeclaredEncoding(String);itext/5091/original-src/com/itextpdf/awt/geom/misc/Messages.java#format(String, Object[]);itext/5091/original-src/com/itextpdf/text/html/simpleparser/ElementFactory.java#getHyphenation(ChainedProperties);itext/5091/original-src/com/itextpdf/text/pdf/Barcode128.java#setCode(String)	15
?	999	0.41666666666667	pattern support = 15 / 36	itext/5091/original-src/com/itextpdf/text/xml/simpleparser/EntitiesToUnicode.java#decodeString(String);itext/5091/original-src/com/itextpdf/text/xml/simpleparser/SimpleXMLParser.java#getDeclaredEncoding(String);itext/5091/original-src/com/itextpdf/awt/geom/misc/Messages.java#format(String, Object[]);itext/5091/original-src/com/itextpdf/text/html/simpleparser/ElementFactory.java#getHyphenation(ChainedProperties);itext/5091/original-src/com/itextpdf/text/pdf/Barcode128.java#setCode(String)	15