You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@ofbiz.apache.org by "Dennis Balkir (JIRA)" <ji...@apache.org> on 2017/09/25 13:19:00 UTC

[jira] [Created] (OFBIZ-9784) [FB] Package org.apache.ofbiz.product.spreadsheetimport

Dennis Balkir created OFBIZ-9784:
------------------------------------

             Summary: [FB] Package org.apache.ofbiz.product.spreadsheetimport
                 Key: OFBIZ-9784
                 URL: https://issues.apache.org/jira/browse/OFBIZ-9784
             Project: OFBiz
          Issue Type: Sub-task
          Components: product
    Affects Versions: Trunk
            Reporter: Dennis Balkir
            Priority: Minor


--- ImportProductServices.java:47, MS_SHOULD_BE_FINAL
MS: org.apache.ofbiz.product.spreadsheetimport.ImportProductServices.module isn't final but should be

This static field public but not final, and could be changed by malicious code or by accident from another package. The field could be made final to avoid this vulnerability.

--- ImportProductServices.java:78, NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE
NP: Possible null pointer dereference in org.apache.ofbiz.product.spreadsheetimport.ImportProductServices.productImportFromSpreadsheet(DispatchContext, Map) due to return value of called method

The return value from a method is dereferenced without a null check, and the return value of that method is one that should generally be checked for null. This may lead to a NullPointerException when the code is executed.

--- ImportProductServices.java:79, DM_CONVERT_CASE
Dm: Use of non-localized String.toUpperCase() or String.toLowerCase() in org.apache.ofbiz.product.spreadsheetimport.ImportProductServices.productImportFromSpreadsheet(DispatchContext, Map)

A String is being converted to upper or lowercase, using the platform's default encoding. This may result in improper conversions when used with international characters. Use the

String.toUpperCase( Locale l )
String.toLowerCase( Locale l )
versions instead.

--- ImportProductServices.java:134, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of productId, which is known to be non-null in org.apache.ofbiz.product.spreadsheetimport.ImportProductServices.productImportFromSpreadsheet(DispatchContext, Map)

This method contains a redundant check of a known non-null value against the constant null.

--- ImportProductServices.java:144, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
RCN: Redundant nullcheck of Object.toString(), which is known to be non-null in org.apache.ofbiz.product.spreadsheetimport.ImportProductServices.productImportFromSpreadsheet(DispatchContext, Map)

This method contains a redundant check of a known non-null value against the constant null.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)