[ https://issues.apache.org/jira/browse/OFBIZ-9785?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Michael Brohl reassigned OFBIZ-9785: ------------------------------------ Assignee: Michael Brohl > [FB] Package org.apache.ofbiz.product.promo > ------------------------------------------- > > Key: OFBIZ-9785 > URL: https://issues.apache.org/jira/browse/OFBIZ-9785 > Project: OFBiz > Issue Type: Sub-task > Components: product > Affects Versions: Trunk > Reporter: Dennis Balkir > Assignee: Michael Brohl > Priority: Minor > Attachments: OFBIZ-9785_org.apache.ofbiz.product.promo_bugfixes.patch > > > --- PromoServices.java:59, MS_PKGPROTECT > MS: org.apache.ofbiz.product.promo.PromoServices.smartChars should be package > protected > A mutable static field could be changed by malicious code or by accident. The > field could be made package protected to avoid this vulnerability. > --- PromoServices.java:114, NP_LOAD_OF_KNOWN_NULL_VALUE > NP: Load of known null value in > org.apache.ofbiz.product.promo.PromoServices.createProductPromoCodeSet(DispatchContext, > Map) > The variable referenced at this point is known to be null due to an earlier > check against null. Although this is valid, it might be a mistake (perhaps > you intended to refer to a different variable, or perhaps the earlier check > to see if the variable is null should have been a check to see if it was > non-null). > --- PromoServices.java:193, UC_USELESS_CONDITION > Condition has no effect > This condition always produces the same result as the value of the involved > variable was narrowed before. Probably something else was meant or condition > can be removed. > --- PromoServices.java:249, DM_DEFAULT_ENCODING > Dm: Found reliance on default encoding in > org.apache.ofbiz.product.promo.PromoServices.importPromoCodeEmailsFromFile(DispatchContext, > Map): new String(byte[]) > Found a call to a method which will perform a byte to String (or String to > byte) conversion, and will assume that the default platform encoding is > suitable. This will cause the application behaviour to vary between > platforms. Use an alternative API and specify a charset name or Charset > object explicitly. -- This message was sent by Atlassian JIRA (v6.4.14#64029)