Hi, 4 errors were found by FindBugs in main ftpserver code:
1) NativeFtpFile implements equals(), but does not - hashCode(). In fact, i can't find why it need to implement equals() in first place. If for any map - then hashCode() will also be required. For example, this.file.getCanonicalFile().hashCode() Anyway, could we please have a comment we do we need equals() method? :) 2) Possible null pointer dereference of passivePorts in PassivePorts::PassivePorts(final int[] passivePorts, boolean checkIfBound) (line 165) NPE can occur if passivePorts argument is null. But this code is internal and i can't find a place that can pass null to the method. Anyway, suppose the case with null better be handled (with creation of empty array) 3) Dereference of the result of readLine() without nullcheck in AddUser Since it's for management only, we don't care if admin will have java exceptions as a response... do we? Especially if stream is terminated already. 4) Method DefaultFtpStatistics::setLogin() call passes null for nonnull parameter of new DefaultFtpStatistics$UserLogins(InetAddress) If session.getRemoteAddress() is not instanceof InetSocketAddress, then address is null. But UserLogins do not accept nulls as argument (null can't be a key for ConcurrentHashMap) I think 'fake' NULL address constant shall be introduced in DefaultFtpStatistics for this case. -- Sergey Vladimirov P.S.: I'm back for ftpserver for a while (have about 6 month) :)
