Dennis Balkir created OFBIZ-9785:
------------------------------------
Summary: [FB] Package org.apache.ofbiz.product.promo
Key: OFBIZ-9785
URL: https://issues.apache.org/jira/browse/OFBIZ-9785
Project: OFBiz
Issue Type: Sub-task
Components: product
Affects Versions: Trunk
Reporter: Dennis Balkir
Priority: Minor
--- PromoServices.java:59, MS_PKGPROTECT
MS: org.apache.ofbiz.product.promo.PromoServices.smartChars should be package
protected
A mutable static field could be changed by malicious code or by accident. The
field could be made package protected to avoid this vulnerability.
--- PromoServices.java:114, NP_LOAD_OF_KNOWN_NULL_VALUE
NP: Load of known null value in
org.apache.ofbiz.product.promo.PromoServices.createProductPromoCodeSet(DispatchContext,
Map)
The variable referenced at this point is known to be null due to an earlier
check against null. Although this is valid, it might be a mistake (perhaps you
intended to refer to a different variable, or perhaps the earlier check to see
if the variable is null should have been a check to see if it was non-null).
--- PromoServices.java:193, UC_USELESS_CONDITION
Condition has no effect
This condition always produces the same result as the value of the involved
variable was narrowed before. Probably something else was meant or condition
can be removed.
--- PromoServices.java:249, DM_DEFAULT_ENCODING
Dm: Found reliance on default encoding in
org.apache.ofbiz.product.promo.PromoServices.importPromoCodeEmailsFromFile(DispatchContext,
Map): new String(byte[])
Found a call to a method which will perform a byte to String (or String to
byte) conversion, and will assume that the default platform encoding is
suitable. This will cause the application behaviour to vary between platforms.
Use an alternative API and specify a charset name or Charset object explicitly.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
