[
https://issues.apache.org/jira/browse/OFBIZ-9694?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Brohl closed OFBIZ-9694.
--------------------------------
Resolution: Implemented
Fix Version/s: Upcoming Release
Thanks Dennis,
your patch is in trunk r1812061.
> [FB] Package org.apache.ofbiz.service.test
> ------------------------------------------
>
> Key: OFBIZ-9694
> URL: https://issues.apache.org/jira/browse/OFBIZ-9694
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: Trunk
> Reporter: Dennis Balkir
> Assignee: Michael Brohl
> Priority: Minor
> Fix For: Upcoming Release
>
> Attachments: OFBIZ-9694_org.apache.ofbiz.service.test_bugfixes.patch
>
>
> - ServiceEngineTestServices.java:316, REC_CATCH_EXCEPTION
> REC: Exception is caught when Exception is not thrown in
> org.apache.ofbiz.service.test.ServiceEngineTestServices.testServiceOwnTxSubServiceAfterSetRollbackOnlyInParent(DispatchContext,
> Map)
> This method uses a try-catch block that catches Exception objects, but
> Exception is not thrown within the try block, and RuntimeException is not
> explicitly caught. It is a common bug pattern to say try { ... } catch
> (Exception e) { something } as a shorthand for catching a number of types of
> exception each of whose catch blocks is identical, but this construct also
> accidentally catches RuntimeException as well, masking potential bugs.
> A better approach is to either explicitly catch the specific exceptions that
> are thrown, or to explicitly catch RuntimeException exception, rethrow it,
> and then catch all non-Runtime Exceptions, as shown below:
> try {
> ...
> } catch (RuntimeException e) {
> throw e;
> } catch (Exception e) {
> ... deal with all non-runtime exceptions ...
> }
> - ServiceSOAPTests.java:41, DM_FP_NUMBER_CTOR
> Bx: org.apache.ofbiz.service.test.ServiceSOAPTests.testSOAPSimpleService()
> invokes inefficient new Double(String) constructor; use
> Double.valueOf(String) instead
> Using new Double(double) is guaranteed to always result in a new object
> whereas Double.valueOf(double) allows caching of values to be done by the
> compiler, class library, or JVM. Using of cached values avoids object
> allocation and the code will be faster.
> Unless the class must be compatible with JVMs predating Java 1.5, use either
> autoboxing or the valueOf() method when creating instances of Double and
> Float.
> - XmlRpcTests.java:41, MS_PKGPROTECT
> MS: org.apache.ofbiz.service.test.XmlRpcTests.url should be package protected
> A mutable static field could be changed by malicious code or by accident. The
> field could be made package protected to avoid this vulnerability.
> - XmlRpcTests.java:47, ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD
> ST: Write to static field org.apache.ofbiz.service.test.XmlRpcTests.url from
> instance method new org.apache.ofbiz.service.test.XmlRpcTests(String)
> This instance method writes to a static field. This is tricky to get correct
> if multiple instances are being manipulated, and generally bad practice.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
