Details

    • Type: Sub-task
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: Trunk
    • Fix Version/s: 17.12.01
    • Component/s: accounting
    • Labels:
      None
    • Flags:
      Patch

      Description

      PcChargeApi.java:81: 82, MS_PKGPROTECT

      • MS: org.apache.ofbiz.accounting.thirdparty.gosoftware.PcChargeApi.validOut should be package protected
        A mutable static field could be changed by malicious code or by accident. The field could be made package protected to avoid this vulnerability.

      PcChargeApi.java:189, DM_DEFAULT_ENCODING

      • Dm: Found reliance on default encoding in org.apache.ofbiz.accounting.thirdparty.gosoftware.PcChargeApi.send(): new java.io.PrintStream(OutputStream)
        Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable. This will cause the application behaviour to vary between platforms. Use an alternative API and specify a charset name or Charset object explicitly.

      PcChargeApi.java:198, DM_DEFAULT_ENCODING

      • Dm: Found reliance on default encoding in org.apache.ofbiz.accounting.thirdparty.gosoftware.PcChargeApi.send(): new String(byte[], int, int)

      PcChargeServices.java:94: 180: 246: 306, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE

      • RCN: Redundant nullcheck of out, which is known to be non-null in org.apache.ofbiz.accounting.thirdparty.gosoftware.PcChargeServices
        This method contains a redundant check of a known non-null value against the constant null.

      RitaApi.java:80, MS_PKGPROTECT

      • MS: org.apache.ofbiz.accounting.thirdparty.gosoftware.RitaApi.validOut should be package protected
        A mutable static field could be changed by malicious code or by accident. The field could be made package protected to avoid this vulnerability.

      RitaApi.java:84, MS_PKGPROTECT

      • MS: org.apache.ofbiz.accounting.thirdparty.gosoftware.RitaApi.validIn should be package protected
        A mutable static field could be changed by malicious code or by accident. The field could be made package protected to avoid this vulnerability.

      RitaServices.java:61: 98: 164: 184: 233: 260: 301: 329, RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE

      • RCN: Redundant nullcheck of api, which is known to be non-null in org.apache.ofbiz.accounting.thirdparty.gosoftware.RitaServices
        This method contains a redundant check of a known non-null value against the constant null.

        Attachments

          Activity

            People

            • Assignee:
              mbrohl Michael Brohl
              Reporter:
              Kyra Pritzel-Hentley Kyra Pritzel-Hentley
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: