Minor Description
— PromoServices.java:59, MS_PKGPROTECT
MS: org.apache.ofbiz.product.promo.PromoServices.smartChars should be package protected
A mutable static field could be changed by malicious code or by accident. The field could be made package protected to avoid this vulnerability.
— PromoServices.java:114, NP_LOAD_OF_KNOWN_NULL_VALUE
NP: Load of known null value in org.apache.ofbiz.product.promo.PromoServices.createProductPromoCodeSet(DispatchContext, Map)
The variable referenced at this point is known to be null due to an earlier check against null. Although this is valid, it might be a mistake (perhaps you intended to refer to a different variable, or perhaps the earlier check to see if the variable is null should have been a check to see if it was non-null).
— PromoServices.java:193, UC_USELESS_CONDITION
Condition has no effect
This condition always produces the same result as the value of the involved variable was narrowed before. Probably something else was meant or condition can be removed.
— PromoServices.java:249, DM_DEFAULT_ENCODING
Dm: Found reliance on default encoding in org.apache.ofbiz.product.promo.PromoServices.importPromoCodeEmailsFromFile(DispatchContext, Map): new String(byte[])
Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable. This will cause the application behaviour to vary between platforms. Use an alternative API and specify a charset name or Charset object explicitly.