Dennis Balkir created OFBIZ-9784:
------------------------------------

             Summary: [FB] Package org.apache.ofbiz.product.spreadsheetimport
                 Key: OFBIZ-9784
                 URL: https://issues.apache.org/jira/browse/OFBIZ-9784
             Project: OFBiz
          Issue Type: Sub-task
          Components: product
    Affects Versions: Trunk
            Reporter: Dennis Balkir
            Priority: Minor


--- ImportProductServices.java:47, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.product.spreadsheetimport.ImportProductServices.module 
isn't final but should be

This static field public but not final, and could be changed by malicious code 
or by accident from another package. The field could be made final to avoid 
this vulnerability.

--- ImportProductServices.java:78, NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE
NP: Possible null pointer dereference in 
org.apache.ofbiz.product.spreadsheetimport.ImportProductServices.productImportFromSpreadsheet(DispatchContext, Map)
due to return value of called method

The return value from a method is dereferenced without a null check, and the 
return value of that method is one that should generally be checked for null. 
This may lead to a NullPointerException when the code is executed.

--- ImportProductServices.java:79, DM_CONVERT_CASE
Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in 
org.apache.ofbiz.product.spreadsheetimport.ImportProductServices.productImportFromSpreadsheet(DispatchContext, Map)

A String is being converted to upper or lowercase, using the platform's default 
encoding. This may result in improper conversions when used with international 
characters. Use the

String.toUpperCase( Locale l )
String.toLowerCase( Locale l )
versions instead.

--- ImportProductServices.java:134, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of productId, which is known to be non-null in 
org.apache.ofbiz.product.spreadsheetimport.ImportProductServices.productImportFromSpreadsheet(DispatchContext, Map)

This method contains a redundant check of a known non-null value against the 
constant null.

--- ImportProductServices.java:144, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of Object.toString(), which is known to be non-null in 
org.apache.ofbiz.product.spreadsheetimport.ImportProductServices.productImportFromSpreadsheet(DispatchContext, Map)

This method contains a redundant check of a known non-null value against the 
constant null.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
