Posted to notifications@ofbiz.apache.org by "Julian Leichert (JIRA)" <ji...@apache.org> on 2017/09/11 14:01:00 UTC

[jira] [Updated] (OFBIZ-9704) [FB] Package org.apache.ofbiz.widget.renderer

     [ https://issues.apache.org/jira/browse/OFBIZ-9704?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Julian Leichert updated OFBIZ-9704:
-----------------------------------
    Attachment: OFBIZ-9704_org.apache.ofbiz.widget.renderer_bugfixes.patch

class FormRenderer
 - added defaults to switch-statements
 - line 1146 : removed useless control-flow
 - line 1063: removed dead store

class MenuWrapTransform
 - line 189: removed redundant null-check

class ScreenRenderer
 - line 222: removed redundant null-check

> [FB] Package org.apache.ofbiz.widget.renderer
> ---------------------------------------------
>
>                 Key: OFBIZ-9704
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-9704
>             Project: OFBiz
>          Issue Type: Sub-task
>          Components: ALL APPLICATIONS, ALL COMPONENTS
>    Affects Versions: Trunk
>            Reporter: Julian Leichert
>            Priority: Minor
>         Attachments: OFBIZ-9704_org.apache.ofbiz.widget.renderer_bugfixes.patch
>
>
> FormRenderer.java:149, SF_SWITCH_NO_DEFAULT
> - SF: Switch statement found in org.apache.ofbiz.widget.renderer.FormRenderer.getHiddenIgnoredFields(Map, Set, List, int) where default case is missing
> This method contains a switch statement where default case is missing. Usually you need to provide a default case.
> Because the analysis only looks at the generated bytecode, this warning can be incorrectly triggered if the default case is at the end of the switch statement and the switch statement doesn't contain break statements for other cases.
> FormRenderer.java:507, SF_SWITCH_NO_DEFAULT
> - SF: Switch statement found in org.apache.ofbiz.widget.renderer.FormRenderer.renderHiddenIgnoredFields(Appendable, Map, FormStringRenderer, List) where default case is missing
> This method contains a switch statement where default case is missing. Usually you need to provide a default case.
> Because the analysis only looks at the generated bytecode, this warning can be incorrectly triggered if the default case is at the end of the switch statement and the switch statement doesn't contain break statements for other cases.
> FormRenderer.java:1063, DLS_DEAD_LOCAL_STORE
> - DLS: Dead store to lastFormField in org.apache.ofbiz.widget.renderer.FormRenderer.renderSingleFormString(Appendable, Map, int)
> This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used.
> Note that Sun's javac compiler often generates dead stores for final local variables. Because FindBugs is a bytecode-based tool, there is no easy way to eliminate these false positives.
> FormRenderer.java:1101, NP_NULL_ON_SOME_PATH
> - NP: Possible null pointer dereference of currentFormField in org.apache.ofbiz.widget.renderer.FormRenderer.renderSingleFormString(Appendable, Map, int)
> There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a NullPointerException when the code is executed. Of course, the problem might be that the branch or statement is infeasible and that the null pointer exception can't ever be executed; deciding that is beyond the ability of FindBugs.
> FormRenderer.java:1146, UCF_USELESS_CONTROL_FLOW
> - UCF: Useless control flow in org.apache.ofbiz.widget.renderer.FormRenderer.renderSingleFormString(Appendable, Map, int)
> This method contains a useless control flow statement, where control flow continues onto the same place regardless of whether or not the branch is taken. For example, this is caused by having an empty statement block for an if statement:
>     if (argv.length == 0) {
>     // TODO: handle this case
>     }
> MenuWrapTransform.java:72, MS_PKGPROTECT
> - MS: org.apache.ofbiz.widget.renderer.MenuWrapTransform.upSaveKeyNames should be package protected
> A mutable static field could be changed by malicious code or by accident. The field could be made package protected to avoid this vulnerability.
> MenuWrapTransform.java:73, MS_PKGPROTECT
> - MS: org.apache.ofbiz.widget.renderer.MenuWrapTransform.saveKeyNames should be package protected
> A mutable static field could be changed by malicious code or by accident. The field could be made package protected to avoid this vulnerability.
> MenuWrapTransform.java:149, SIC_INNER_SHOULD_BE_STATIC_ANON, Priority: Low
> - SIC: The class org.apache.ofbiz.widget.renderer.MenuWrapTransform$1 could be refactored into a named _static_ inner class
> This class is an inner class, but does not use its embedded reference to the object which created it.  This reference makes the instances of the class larger, and may keep the reference to the creator object alive longer than necessary.  If possible, the class should be made into a static inner class. Since anonymous inner classes cannot be marked as static, doing this will require refactoring the inner class so that it is a named inner class.
> MenuWrapTransform.java:189, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
> - RCN: Redundant nullcheck of menuWrapper, which is known to be non-null in org.apache.ofbiz.widget.renderer.MenuWrapTransform$1.renderMenu()
> This method contains a redundant check of a known non-null value against the constant null.
> ScreenRenderer.java:200, RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE
> - RCN: Nullcheck of session at line 200 of value previously dereferenced in org.apache.ofbiz.widget.renderer.ScreenRenderer.populateContextForRequest(MapStack, ScreenRenderer, HttpServletRequest, HttpServletResponse, ServletContext)
> A value is checked here to see whether it is null, but this value can't be null because it was previously dereferenced and if it were null a null pointer exception would have occurred at the earlier dereference. Essentially, this code and the previous dereference disagree as to whether this value is allowed to be null. Either the check is redundant or the previous dereference is erroneous.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)