[OFBIZ-9809] [FB] Package org.apache.ofbiz.product.test - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Minor
Resolution: Implemented
Affects Version/s: Trunk
Fix Version/s: 17.12.01
Component/s: product
Labels:
None

Description

InventoryItemTransferTest.java:34, MS_PKGPROTECT

MS: org.apache.ofbiz.product.test.InventoryItemTransferTest.inventoryTransferId should be package protected

A mutable static field could be changed by malicious code or by accident. The field could be made package protected to avoid this vulnerability.

InventoryItemTransferTest.java:62, ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD

ST: Write to static field org.apache.ofbiz.product.test.InventoryItemTransferTest.inventoryTransferId from instance method org.apache.ofbiz.product.test.InventoryItemTransferTest.testCreateInventoryItemsTransfer()

This instance method writes to a static field. This is tricky to get correct if multiple instances are being manipulated, and generally bad practice.

StockMovesTest.java:56, DLS_DEAD_LOCAL_STORE

DLS: Dead store to warningList in org.apache.ofbiz.product.test.StockMovesTest.testStockMoves()

This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used.

Note that Sun's javac compiler often generates dead stores for final local variables. Because FindBugs is a bytecode-based tool, there is no easy way to eliminate these false positives.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

OFBIZ-9809_org.apache.ofbiz.product.test_bugfixes.patch
05/Oct/17 09:48
3 kB
Julian Leichert

Activity

People

Assignee:: Michael Brohl

Reporter:: Julian Leichert

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 05/Oct/17 09:43

Updated:: 10/Dec/17 09:09

Resolved:: 10/Dec/17 09:09