[
https://issues.apache.org/jira/browse/OFBIZ-9736?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Julian Leichert updated OFBIZ-9736:
-----------------------------------
Attachment: OFBIZ-9736_org.apache.ofbiz.party.contact_bugfixes.patch
class PartyHelper
- line 88 : changed to isEmpty() , because checkNull returns an empty String.
class PartyServices
- added Locale in multiple lines
- removed redundant null-check
class PartyWorker
- module to final
- added Locale in multiple lines
> [FB] Package org.apache.ofbiz.party.party
> -----------------------------------------
>
> Key: OFBIZ-9736
> URL: https://issues.apache.org/jira/browse/OFBIZ-9736
> Project: OFBiz
> Issue Type: Sub-task
> Components: party
> Affects Versions: Trunk
> Reporter: Julian Leichert
> Priority: Minor
> Attachments: OFBIZ-9736_org.apache.ofbiz.party.contact_bugfixes.patch
>
>
> PartyHelper.java:88, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
> - RCN: Redundant nullcheck of
> org.apache.ofbiz.base.util.UtilFormatOut.checkNull(String), which is known to
> be non-null in
> org.apache.ofbiz.party.party.PartyHelper.formatPartyNameObject(GenericValue,
> boolean)
> This method contains a redundant check of a known non-null value against the
> constant null.
> PartyServices.java:744, DM_CONVERT_CASE
> - Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.party.party.PartyServices.getPartyFromExactEmail(DispatchContext,
> Map)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> PartyServices.java:782, DM_CONVERT_CASE
> - Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.party.party.PartyServices.getPartyFromEmail(DispatchContext,
> Map)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> PartyServices.java:826, DM_CONVERT_CASE
> - Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.party.party.PartyServices.getPartyFromUserLogin(DispatchContext,
> Map)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> PartyServices.java:877, DM_CONVERT_CASE
> - Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.party.party.PartyServices.getPartyFromPerson(DispatchContext,
> Map)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> PartyServices.java:920, DM_CONVERT_CASE
> - Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.party.party.PartyServices.getPartyFromPartyGroup(DispatchContext,
> Map)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> PartyServices.java:952, DLS_DEAD_LOCAL_STORE
> - DLS: Dead store to parties in
> org.apache.ofbiz.party.party.PartyServices.getPartyFromExternalId(DispatchContext,
> Map)
> This instruction assigns a value to a local variable, but the value is not
> read or used in any subsequent instruction. Often, this indicates an error,
> because the value computed is never used.
> Note that Sun's javac compiler often generates dead stores for final local
> variables. Because FindBugs is a bytecode-based tool, there is no easy way to
> eliminate these false positives.
> PartyServices.java:2206, DM_CONVERT_CASE
> - Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.party.party.PartyServices.importAddressMatchMapCsv(DispatchContext,
> Map)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> PartyServices.java:2302, RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE
> - RCN: Nullcheck of fileBytes at line 2302 of value previously dereferenced
> in org.apache.ofbiz.party.party.PartyServices.importParty(DispatchContext,
> Map)
> A value is checked here to see whether it is null, but this value can't be
> null because it was previously dereferenced and if it were null a null
> pointer exception would have occurred at the earlier dereference.
> Essentially, this code and the previous dereference disagree as to whether
> this value is allowed to be null. Either the check is redundant or the
> previous dereference is erroneous.
> PartyWorker.java:53, MS_SHOULD_BE_FINAL
> - MS: org.apache.ofbiz.party.party.PartyWorker.module isn't final but should
> be
> This static field public but not final, and could be changed by malicious
> code or by accident from another package. The field could be made final to
> avoid this vulnerability.
> PartyWorker.java:224, PZLA_PREFER_ZERO_LENGTH_ARRAYS
> - PZLA: Should
> org.apache.ofbiz.party.party.PartyWorker.findFirstMatchingPartyAndContactMechId(Delegator,
> String, String, String, String, String, String, String, String, String,
> String) return a zero length array rather than null?
> It is often a better design to return a length zero array rather than a null
> reference to indicate that there are no results (i.e., an empty list of
> results). This way, no explicit check for null is needed by clients of the
> method.
> On the other hand, using null to indicate "there is no answer to this
> question" is probably appropriate. For example, File.listFiles() returns an
> empty list if given a directory containing no files, and returns null if the
> file is not a directory.
> PartyWorker.java:268, DM_CONVERT_CASE
> - Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.party.party.PartyWorker.findMatchingPersonPostalAddresses(Delegator,
> String, String, String, String, String, String, String, String, String,
> String)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> PartyWorker.java:328, DM_CONVERT_CASE
> - Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.party.party.PartyWorker.findMatchingPartyPostalAddress(Delegator,
> String, String, String, String, String, String, String, String)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
> PartyWorker.java:421, DM_CONVERT_CASE
> - Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in
> org.apache.ofbiz.party.party.PartyWorker.makeMatchingString(Delegator, String)
> A String is being converted to upper or lowercase, using the platform's
> default encoding. This may result in improper conversions when used with
> international characters. Use the
> String.toUpperCase( Locale l )
> String.toLowerCase( Locale l )
> versions instead.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
