Kyra Pritzel-Hentley created OFBIZ-9539:
-------------------------------------------
Summary: [FB] Package org.apache.ofbiz.accounting.thirdparty.paypal
Key: OFBIZ-9539
URL: https://issues.apache.org/jira/browse/OFBIZ-9539
Project: OFBiz
Issue Type: Sub-task
Components: accounting
Affects Versions: Trunk
Reporter: Kyra Pritzel-Hentley
Priority: Minor
PayPalEvents.java:236, DM_DEFAULT_ENCODING
* Dm: Found reliance on default encoding in
org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.payPalIPN(HttpServletRequest,
HttpServletResponse): new java.io.PrintWriter(OutputStream)
Found a call to a method which will perform a byte to String (or String to
byte) conversion, and will assume that the default platform encoding is
suitable. This will cause the application behaviour to vary between platforms.
Use an alternative API and specify a charset name or Charset object explicitly.
PayPalEvents.java:240, OS_OPEN_STREAM_EXCEPTION_PATH
* OS:
org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.payPalIPN(HttpServletRequest,
HttpServletResponse) may fail to close stream on exception
The method creates an IO stream object, does not assign it to any fields, pass
it to other methods, or return it, and does not appear to close it on all
possible exception paths out of the method. This may result in a file
descriptor leak. It is generally a good idea to use a finally block to ensure
that streams are closed.
PayPalEvents.java:240, DM_DEFAULT_ENCODING
* Dm: Found reliance on default encoding in
org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.payPalIPN(HttpServletRequest,
HttpServletResponse): new java.io.InputStreamReader(InputStream)
Found a call to a method which will perform a byte to String (or String to
byte) conversion, and will assume that the default platform encoding is
suitable. This will cause the application behaviour to vary between platforms.
Use an alternative API and specify a charset name or Charset object explicitly.
PayPalEvents.java:343, 393 RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT
* Return value of method without side effect is ignored
This code calls a method and ignores the return value. However our analysis
shows that the method (including its implementations in subclasses if any) does
not produce any effect other than return value. Thus this call can be removed.
PayPalEvents.java:493, NP_NULL_ON_SOME_PATH
* NP: Possible null pointer dereference of results in
org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.setPaymentPreference(LocalDispatcher,
GenericValue, GenericValue, HttpServletRequest)
There is a branch of statement that, if executed, guarantees that a null value
will be dereferenced, which would generate a NullPointerException when the code
is executed. Of course, the problem might be that the branch or statement is
infeasible and that the null pointer exception can't ever be executed; deciding
that is beyond the ability of FindBugs.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
