[
https://issues.apache.org/jira/browse/OFBIZ-9704?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Brohl reassigned OFBIZ-9704:
------------------------------------
Assignee: Michael Brohl
> [FB] Package org.apache.ofbiz.widget.renderer
> ---------------------------------------------
>
> Key: OFBIZ-9704
> URL: https://issues.apache.org/jira/browse/OFBIZ-9704
> Project: OFBiz
> Issue Type: Sub-task
> Components: ALL APPLICATIONS, ALL COMPONENTS
> Affects Versions: Trunk
> Reporter: Julian Leichert
> Assignee: Michael Brohl
> Priority: Minor
> Attachments:
> OFBIZ-9704_org.apache.ofbiz.widget.renderer_bugfixes.patch
>
>
> FormRenderer.java:149, SF_SWITCH_NO_DEFAULT
> - SF: Switch statement found in
> org.apache.ofbiz.widget.renderer.FormRenderer.getHiddenIgnoredFields(Map,
> Set, List, int) where default case is missing
> This method contains a switch statement where default case is missing.
> Usually you need to provide a default case.
> Because the analysis only looks at the generated bytecode, this warning can
> be incorrect triggered if the default case is at the end of the switch
> statement and the switch statement doesn't contain break statements for other
> cases.
> FormRenderer.java:507, SF_SWITCH_NO_DEFAULT
> - SF: Switch statement found in
> org.apache.ofbiz.widget.renderer.FormRenderer.renderHiddenIgnoredFields(Appendable,
> Map, FormStringRenderer, List) where default case is missing
> This method contains a switch statement where default case is missing.
> Usually you need to provide a default case.
> Because the analysis only looks at the generated bytecode, this warning can
> be incorrect triggered if the default case is at the end of the switch
> statement and the switch statement doesn't contain break statements for other
> cases.
> FormRenderer.java:1063, DLS_DEAD_LOCAL_STORE
> - DLS: Dead store to lastFormField in
> org.apache.ofbiz.widget.renderer.FormRenderer.renderSingleFormString(Appendable,
> Map, int)
> This instruction assigns a value to a local variable, but the value is not
> read or used in any subsequent instruction. Often, this indicates an error,
> because the value computed is never used.
> Note that Sun's javac compiler often generates dead stores for final local
> variables. Because FindBugs is a bytecode-based tool, there is no easy way to
> eliminate these false positives.
> FormRenderer.java:1101, NP_NULL_ON_SOME_PATH
> - NP: Possible null pointer dereference of currentFormField in
> org.apache.ofbiz.widget.renderer.FormRenderer.renderSingleFormString(Appendable,
> Map, int)
> There is a branch of statement that, if executed, guarantees that a null
> value will be dereferenced, which would generate a NullPointerException when
> the code is executed. Of course, the problem might be that the branch or
> statement is infeasible and that the null pointer exception can't ever be
> executed; deciding that is beyond the ability of FindBugs.
> FormRenderer.java:1146, UCF_USELESS_CONTROL_FLOW
> - UCF: Useless control flow in
> org.apache.ofbiz.widget.renderer.FormRenderer.renderSingleFormString(Appendable,
> Map, int)
> This method contains a useless control flow statement, where control flow
> continues onto the same place regardless of whether or not the branch is
> taken. For example, this is caused by having an empty statement block for an
> if statement:
> if (argv.length == 0) {
> // TODO: handle this case
> }
> MenuWrapTransform.java:72, MS_PKGPROTECT
> - MS: org.apache.ofbiz.widget.renderer.MenuWrapTransform.upSaveKeyNames
> should be package protected
> A mutable static field could be changed by malicious code or by accident. The
> field could be made package protected to avoid this vulnerability.
> MenuWrapTransform.java:73, MS_PKGPROTECT
> - MS: org.apache.ofbiz.widget.renderer.MenuWrapTransform.saveKeyNames should
> be package protected
> A mutable static field could be changed by malicious code or by accident. The
> field could be made package protected to avoid this vulnerability.
> MenuWrapTransform.java:149, SIC_INNER_SHOULD_BE_STATIC_ANON, Priorität:
> Niedrig
> SIC: The class org.apache.ofbiz.widget.renderer.MenuWrapTransform$1 could be
> refactored into a named _static_ inner class
> This class is an inner class, but does not use its embedded reference to the
> object which created it. This reference makes the instances of the class
> larger, and may keep the reference to the creator object alive longer than
> necessary. If possible, the class should be made into a static inner class.
> Since anonymous inner classes cannot be marked as static, doing this will
> require refactoring the inner class so that it is a named inner class.
> MenuWrapTransform.java:189, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
> - RCN: Redundant nullcheck of menuWrapper, which is known to be non-null in
> org.apache.ofbiz.widget.renderer.MenuWrapTransform$1.renderMenu()
> This method contains a redundant check of a known non-null value against the
> constant null.
> ScreenRenderer.java:200, RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE
> - RCN: Nullcheck of session at line 200 of value previously dereferenced in
> org.apache.ofbiz.widget.renderer.ScreenRenderer.populateContextForRequest(MapStack,
> ScreenRenderer, HttpServletRequest, HttpServletResponse, ServletContext)
> A value is checked here to see whether it is null, but this value can't be
> null because it was previously dereferenced and if it were null a null
> pointer exception would have occurred at the earlier dereference.
> Essentially, this code and the previous dereference disagree as to whether
> this value is allowed to be null. Either the check is redundant or the
> previous dereference is erroneous.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
