[
https://issues.apache.org/jira/browse/OFBIZ-12386?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17457634#comment-17457634
]
ASF subversion and git services commented on OFBIZ-12386:
---------------------------------------------------------
Commit 4de3a37c5463da0d2c9a6367bbbbf929b58a9af6 in ofbiz-framework's branch
refs/heads/trunk from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=4de3a37 ]
Improved: Fix some bugs Spotbugs reports (OFBIZ-12386)
In ProposedOrder::calculateStartDate and TimeDuration::TimeDuration better use a
long directly (efficiency)
In ConfigXMLReader, removes unused getViewMap method
In ServiceArtifactInfo, some formatting and in writeServiceCallGraphEoModel
method add missing <<if (calledServiceSet != null) {>>
Adds and documents false positives in exclude.xml.
Remains 14 issues, I'll document them in the Jira and 'll later discuss them
on dev ML (committers attention needed). None of them are security issues :)
C:/projectsASF/Git/ofbiz-framework/plugins/rest-api/src/main/java/org/apache/ofbiz/ws/rs/listener/ApiContextListener.java:38
Ecriture d'un champ statique
org.apache.ofbiz.ws.rs.listener.ApiContextListener.servletContext depuis la
méthode d'une instance
org.apache.ofbiz.ws.rs.listener.ApiContextListener.contextInitialized(ServletContextEvent)
[Of Concern(15), High confidence]
C:/projectsASF/Git/ofbiz-framework/framework/base/src/main/java/org/apache/ofbiz/base/util/collections/GenericMapValues.java:49
org.apache.ofbiz.base.util.collections.GenericMapValues.equals(Object) checks
for operand being a java.util.List [Troubling(14), High confidence]
C:/projectsASF/Git/ofbiz-framework/plugins/ldap/src/main/java/org/apache/ofbiz/ldap/cas/OFBizCasAuthenticationHandler.java:91
Déréférencement immédiat du résultat d'un readLine() dans
org.apache.ofbiz.ldap.cas.OFBizCasAuthenticationHandler.login(HttpServletRequest,
HttpServletResponse, Element) [Of Concern(15), Normal confidence]
C:/projectsASF/Git/ofbiz-framework/framework/base/src/main/java/org/apache/ofbiz/base/util/collections/GenericMapValues.java:49
org.apache.ofbiz.base.util.collections.GenericMapValues.equals(Object) checks
for operand being a java.util.Set [Troubling(14), High confidence]
C:/projectsASF/Git/ofbiz-framework/framework/widget/src/test/java/org/apache/ofbiz/widget/renderer/macro/MacroFormRendererTest.java:875
Un appel de méthode dans new
org.apache.ofbiz.widget.renderer.macro.MacroFormRendererTest$36(MacroFormRendererTest,
ModelForm) passe null à un paramètre déréférencé de façon inconditionnelle
dans
org.apache.ofbiz.webapp.control.RequestHandler.makeLink(HttpServletRequest,
HttpServletResponse, String) [Scary(8), Normal confidence]
C:/projectsASF/Git/ofbiz-framework/framework/widget/src/test/java/org/apache/ofbiz/widget/renderer/macro/MacroFormRendererTest.java:848
Un appel de méthode dans new
org.apache.ofbiz.widget.renderer.macro.MacroFormRendererTest$35(MacroFormRendererTest,
ModelForm) passe null à un paramètre déréférencé de façon inconditionnelle
dans
org.apache.ofbiz.webapp.control.RequestHandler.makeLink(HttpServletRequest,
HttpServletResponse, String) [Scary(8), Normal confidence]
C:/projectsASF/Git/ofbiz-framework/plugins/ecommerce/src/main/java/org/apache/ofbiz/ecommerce/janrain/JanrainHelper.java:71
Ecriture d'un champ statique
org.apache.ofbiz.ecommerce.janrain.JanrainHelper.apiKey depuis la méthode d'une
instance new org.apache.ofbiz.ecommerce.janrain.JanrainHelper(String, String)
[Of Concern(15), High confidence]
C:/projectsASF/Git/ofbiz-framework/plugins/pricat/src/main/java/org/apache/ofbiz/htmlreport/AbstractReportThread.java:160
Champ jamais écrit : org.apache.ofbiz.htmlreport.AbstractReportThread.report
[Troubling(12), Normal confidence]
C:/projectsASF/Git/ofbiz-framework/plugins/ecommerce/src/main/java/org/apache/ofbiz/ecommerce/janrain/JanrainHelper.java:72
Ecriture d'un champ statique
org.apache.ofbiz.ecommerce.janrain.JanrainHelper.baseUrl depuis la méthode
d'une instance new org.apache.ofbiz.ecommerce.janrain.JanrainHelper(String,
String) [Of Concern(15), High confidence]
C:/projectsASF/Git/ofbiz-framework/framework/base/src/main/java/org/apache/ofbiz/base/util/cache/CacheSoftReference.java:29
org.apache.ofbiz.base.util.cache.CacheSoftReference est Serializable mais sa
super-classe ne possède pas de constructeur par défaut visible [Troubling(14),
High confidence]
C:/projectsASF/Git/ofbiz-framework/plugins/ldap/src/main/java/org/apache/ofbiz/ldap/activedirectory/OFBizActiveDirectoryAuthenticationHandler.java:110
Alimentation à perte d'une variable locale dans la méthode
org.apache.ofbiz.ldap.activedirectory.OFBizActiveDirectoryAuthenticationHandler.getLdapSearchResult(String,
String, Element, boolean) [Of Concern(15), High confidence]
C:/projectsASF/Git/ofbiz-framework/plugins/ldap/src/main/java/org/apache/ofbiz/ldap/openldap/OFBizLdapAuthenticationHandler.java:95
Alimentation à perte d'une variable locale dans la méthode
org.apache.ofbiz.ldap.openldap.OFBizLdapAuthenticationHandler.getLdapSearchResult(String,
String, Element, boolean) [Of Concern(15), High confidence]
C:/projectsASF/Git/ofbiz-framework/framework/base/src/main/java/org/apache/ofbiz/base/util/collections/FlexibleServletAccessor.java:193
org.apache.ofbiz.base.util.collections.FlexibleServletAccessor.equals(Object)
checks for operand being a String [Troubling(14), High confidence]
C:/projectsASF/Git/ofbiz-framework/framework/service/src/main/java/org/apache/ofbiz/service/test/XmlRpcTests.java:47
Ecriture d'un champ statique org.apache.ofbiz.service.test.XmlRpcTests.url
depuis la méthode d'une instance new
org.apache.ofbiz.service.test.XmlRpcTests(String) [Of Concern(15), High
confidence]
> Fix some bugs Spotbugs reports
> ------------------------------
>
> Key: OFBIZ-12386
> URL: https://issues.apache.org/jira/browse/OFBIZ-12386
> Project: OFBiz
> Issue Type: Bug
> Components: ALL COMPONENTS
> Affects Versions: Trunk
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Major
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
