ofbiz-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Brohl (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (OFBIZ-9539) [FB] Package org.apache.ofbiz.accounting.thirdparty.paypal
Date Wed, 13 Dec 2017 14:59:00 GMT

    [ https://issues.apache.org/jira/browse/OFBIZ-9539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16289353#comment-16289353
] 

Michael Brohl commented on OFBIZ-9539:
--------------------------------------

Yes, we thought about the same but there was a reason not to do it. [~Dennis Balkir]?

> [FB] Package org.apache.ofbiz.accounting.thirdparty.paypal
> ----------------------------------------------------------
>
>                 Key: OFBIZ-9539
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-9539
>             Project: OFBiz
>          Issue Type: Sub-task
>          Components: accounting
>    Affects Versions: Trunk
>            Reporter: Kyra Pritzel-Hentley
>            Assignee: Michael Brohl
>            Priority: Minor
>             Fix For: Upcoming Release
>
>         Attachments: OFBIZ-9539.patch, OFBIZ-9539_org.apache.ofbiz.accounting.thirdparty.paypal_bugfixes.patch
>
>
> PayPalEvents.java:236, DM_DEFAULT_ENCODING
> * Dm: Found reliance on default encoding in org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.payPalIPN(HttpServletRequest,
HttpServletResponse): new java.io.PrintWriter(OutputStream)
> Found a call to a method which will perform a byte to String (or String to byte) conversion,
and will assume that the default platform encoding is suitable. This will cause the application
behaviour to vary between platforms. Use an alternative API and specify a charset name or
Charset object explicitly.
> PayPalEvents.java:240, OS_OPEN_STREAM_EXCEPTION_PATH
> * OS: org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.payPalIPN(HttpServletRequest,
HttpServletResponse) may fail to close stream on exception
> The method creates an IO stream object, does not assign it to any fields, pass it to
other methods, or return it, and does not appear to close it on all possible exception paths
out of the method.  This may result in a file descriptor leak.  It is generally a good idea
to use a finally block to ensure that streams are closed.
> PayPalEvents.java:240, DM_DEFAULT_ENCODING
> * Dm: Found reliance on default encoding in org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.payPalIPN(HttpServletRequest,
HttpServletResponse): new java.io.InputStreamReader(InputStream)
> Found a call to a method which will perform a byte to String (or String to byte) conversion,
and will assume that the default platform encoding is suitable. This will cause the application
behaviour to vary between platforms. Use an alternative API and specify a charset name or
Charset object explicitly.
> PayPalEvents.java:343, 393 RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT
> * Return value of method without side effect is ignored
> This code calls a method and ignores the return value. However our analysis shows that
the method (including its implementations in subclasses if any) does not produce any effect
other than return value. Thus this call can be removed.
> PayPalEvents.java:493, NP_NULL_ON_SOME_PATH
> * NP: Possible null pointer dereference of results in org.apache.ofbiz.accounting.thirdparty.paypal.PayPalEvents.setPaymentPreference(LocalDispatcher,
GenericValue, GenericValue, HttpServletRequest)
> There is a branch of statement that, if executed, guarantees that a null value will be
dereferenced, which would generate a NullPointerException when the code is executed. Of course,
the problem might be that the branch or statement is infeasible and that the null pointer
exception can't ever be executed; deciding that is beyond the ability of FindBugs.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message