[ https://issues.apache.org/jira/browse/OFBIZ-9539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16289353#comment-16289353 ]
Michael Brohl commented on OFBIZ-9539: -------------------------------------- Yes, we thought about the same but there was a reason not to do it. [~Dennis Balkir]? > [FB] Package org.apache.ofbiz.accounting.thirdparty.paypal > ---------------------------------------------------------- > > Key: OFBIZ-9539 > URL: https://issues.apache.org/jira/browse/OFBIZ-9539 > Project: OFBiz > Issue Type: Sub-task > Components: accounting > Affects Versions: Trunk > Reporter: Kyra Pritzel-Hentley > Assignee: Michael Brohl > Priority: Minor > Fix For: Upcoming Release > > Attachments: OFBIZ-9539.patch, > OFBIZ-9539_org.apache.ofbiz.accounting.thirdparty.paypal_bugfixes.patch > > > PayPalEvents.java:236, DM_DEFAULT_ENCODING > * Dm: Found reliance on default encoding in > org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.payPalIPN(HttpServletRequest, > HttpServletResponse): new java.io.PrintWriter(OutputStream) > Found a call to a method which will perform a byte to String (or String to > byte) conversion, and will assume that the default platform encoding is > suitable. This will cause the application behaviour to vary between > platforms. Use an alternative API and specify a charset name or Charset > object explicitly. > PayPalEvents.java:240, OS_OPEN_STREAM_EXCEPTION_PATH > * OS: > org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.payPalIPN(HttpServletRequest, > HttpServletResponse) may fail to close stream on exception > The method creates an IO stream object, does not assign it to any fields, > pass it to other methods, or return it, and does not appear to close it on > all possible exception paths out of the method. This may result in a file > descriptor leak. It is generally a good idea to use a finally block to > ensure that streams are closed. > PayPalEvents.java:240, DM_DEFAULT_ENCODING > * Dm: Found reliance on default encoding in > org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.payPalIPN(HttpServletRequest, > HttpServletResponse): new java.io.InputStreamReader(InputStream) > Found a call to a method which will perform a byte to String (or String to > byte) conversion, and will assume that the default platform encoding is > suitable. This will cause the application behaviour to vary between > platforms. Use an alternative API and specify a charset name or Charset > object explicitly. > PayPalEvents.java:343, 393 RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT > * Return value of method without side effect is ignored > This code calls a method and ignores the return value. However our analysis > shows that the method (including its implementations in subclasses if any) > does not produce any effect other than return value. Thus this call can be > removed. > PayPalEvents.java:493, NP_NULL_ON_SOME_PATH > * NP: Possible null pointer dereference of results in > org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.setPaymentPreference(LocalDispatcher, > GenericValue, GenericValue, HttpServletRequest) > There is a branch of statement that, if executed, guarantees that a null > value will be dereferenced, which would generate a NullPointerException when > the code is executed. Of course, the problem might be that the branch or > statement is infeasible and that the null pointer exception can't ever be > executed; deciding that is beyond the ability of FindBugs. -- This message was sent by Atlassian JIRA (v6.4.14#64029)