FindBugs Bug Detector Report
The following document contains the results of FindBugs
FindBugs Version is 3.0.1
Threshold is
Effort is min
Files
org.itracker.web.ApplicationInitialization
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unread field: org.itracker.web.ApplicationInitialization.servletConfig | PERFORMANCE | URF_UNREAD_FIELD | 115 | Medium |
org.itracker.web.actions.PortalHomeAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Boxed value is unboxed and then immediately reboxed in org.itracker.web.actions.PortalHomeAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | PERFORMANCE | BX_UNBOXING_IMMEDIATELY_REBOXED | 63 | Medium |
Redundant nullcheck of showAllAtt, which is known to be non-null in org.itracker.web.actions.PortalHomeAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 239 | Medium |
Suspicious comparison of Integer references in org.itracker.web.actions.PortalHomeAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | RC_REF_COMPARISON | 167 | High |
org.itracker.web.actions.admin.configuration.EditConfigurationAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.actions.admin.configuration.EditConfigurationAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 269 | Medium |
org.itracker.web.actions.admin.configuration.EditCustomFieldValueAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.actions.admin.configuration.EditCustomFieldValueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 103 | Medium |
org.itracker.web.actions.admin.configuration.ImportDataVerifyAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Found reliance on default encoding in org.itracker.web.actions.admin.configuration.ImportDataVerifyAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse): new java.io.InputStreamReader(InputStream) | I18N | DM_DEFAULT_ENCODING | 81 | High |
org.itracker.web.actions.admin.configuration.ImportDataVerifyAction.checkUsers(ImportDataModel, InitialContext) concatenates strings using + in a loop | PERFORMANCE | SBSC_USE_STRINGBUFFER_CONCATENATION | 267 | Medium |
org.itracker.web.actions.admin.configuration.OrderConfigurationItemAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Dead store to newConfigItems in org.itracker.web.actions.admin.configuration.OrderConfigurationItemAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | DLS_DEAD_LOCAL_STORE | 112 | Medium |
Switch statement found in org.itracker.web.actions.admin.configuration.OrderConfigurationItemAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) where default case is missing | STYLE | SF_SWITCH_NO_DEFAULT | 117-120 | Medium |
org.itracker.web.actions.admin.configuration.OrderCustomFieldValueAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Suspicious comparison of Integer references in org.itracker.web.actions.admin.configuration.OrderCustomFieldValueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | RC_REF_COMPARISON | 96 | High |
org.itracker.web.actions.admin.configuration.RemoveConfigurationItemAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Boxed value is unboxed and then immediately reboxed in org.itracker.web.actions.admin.configuration.RemoveConfigurationItemAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | PERFORMANCE | BX_UNBOXING_IMMEDIATELY_REBOXED | 98 | Medium |
org.itracker.web.actions.admin.project.EditComponentFormAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Redundant nullcheck of component, which is known to be non-null in org.itracker.web.actions.admin.project.EditComponentFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 112 | High |
org.itracker.web.actions.admin.report.DownloadReportAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.actions.admin.report.DownloadReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 54 | Medium |
org.itracker.web.actions.admin.report.EditReportAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Nullcheck of editreport at line 108 of value previously dereferenced in org.itracker.web.actions.admin.report.EditReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE | 81 | Medium |
org.itracker.web.actions.admin.report.ExportReportAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.actions.admin.report.ExportReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 49 | Medium |
org.itracker.web.actions.admin.report.RemoveReportAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.actions.admin.report.RemoveReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 53 | Medium |
org.itracker.web.actions.admin.user.EditUserAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.actions.admin.user.EditUserAction.setupJspEnv(HttpServletRequest, UserForm, ActionMessages, ActionMapping) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 174 | Medium |
org.itracker.web.actions.base.ItrackerBaseAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Nullcheck of log at line 134 of value previously dereferenced in org.itracker.web.actions.base.ItrackerBaseAction.logTimeMillies(String, Date, Logger, Level) | CORRECTNESS | RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE | 131 | High |
org.itracker.web.actions.issuesearch.SearchIssuesFormAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Exception is caught when Exception is not thrown in org.itracker.web.actions.issuesearch.SearchIssuesFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | REC_CATCH_EXCEPTION | 249 | Medium |
org.itracker.web.actions.preferences.EditPreferencesAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Boxing/unboxing to parse a primitive org.itracker.web.actions.preferences.EditPreferencesAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | PERFORMANCE | DM_BOXED_PRIMITIVE_FOR_PARSING | 177 | High |
org.itracker.web.actions.preferences.EditPreferencesFormAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Redundant nullcheck of user, which is known to be non-null in org.itracker.web.actions.preferences.EditPreferencesFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 170 | Medium |
org.itracker.web.actions.project.CreateIssueFormAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.actions.project.CreateIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 62 | Medium |
Nullcheck of project at line 92 of value previously dereferenced in org.itracker.web.actions.project.CreateIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE | 92 | High |
org.itracker.web.actions.project.EditIssueFormAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.actions.project.EditIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 66 | Medium |
Redundant nullcheck of issue, which is known to be non-null in org.itracker.web.actions.project.EditIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 130 | High |
org.itracker.web.actions.project.MoveIssueAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Possible null pointer dereference of issue in org.itracker.web.actions.project.MoveIssueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | NP_NULL_ON_SOME_PATH | 73 | High |
org.itracker.web.actions.project.RemoveIssueAttachmentAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.actions.project.RemoveIssueAttachmentAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 54 | Medium |
Exceptional return value of java.io.File.delete() ignored in org.itracker.web.actions.project.RemoveIssueAttachmentAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | BAD_PRACTICE | RV_RETURN_VALUE_IGNORED_BAD_PRACTICE | 62 | Medium |
org.itracker.web.actions.project.WatchIssueAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.actions.project.WatchIssueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 56 | Medium |
org.itracker.web.actions.report.DisplayReportAction
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Load of known null value in org.itracker.web.actions.report.DisplayReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | NP_LOAD_OF_KNOWN_NULL_VALUE | 125 | Medium |
org.itracker.web.forms.IssueForm
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Boxed value is unboxed and then immediately reboxed in org.itracker.web.forms.IssueForm.setupIssueForm(Issue, Map, HttpServletRequest, ActionMessages) | PERFORMANCE | BX_UNBOXING_IMMEDIATELY_REBOXED | 920 | Medium |
Exception is caught when Exception is not thrown in org.itracker.web.forms.IssueForm.validate(ActionMapping, HttpServletRequest) | STYLE | REC_CATCH_EXCEPTION | 1244 | Medium |
Useless condition: it's known that previousStatus < 400 (0x190) at this point | STYLE | UC_USELESS_CONDITION | 364 | High |
Useless condition: it's known that previousStatus >= 500 (0x1f4) at this point | STYLE | UC_USELESS_CONDITION | 373 | High |
org.itracker.web.forms.ProjectForm
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.forms.ProjectForm.init(ActionMapping, HttpServletRequest) invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) instead | PERFORMANCE | DM_NUMBER_CTOR | 109 | Medium |
org.itracker.web.forms.ProjectScriptForm
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unread field: org.itracker.web.forms.ProjectScriptForm.action | PERFORMANCE | URF_UNREAD_FIELD | 47 | Medium |
Unread field: org.itracker.web.forms.ProjectScriptForm.delId | PERFORMANCE | URF_UNREAD_FIELD | 48 | Medium |
org.itracker.web.forms.ReportForm
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unread field: org.itracker.web.forms.ReportForm.reportType | PERFORMANCE | URF_UNREAD_FIELD | 56 | Medium |
org.itracker.web.ptos.ProjectPTO
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.ptos.ProjectPTO.getCreateDate() may expose internal representation by returning ProjectPTO.createDate | MALICIOUS_CODE | EI_EXPOSE_REP | 60 | Medium |
org.itracker.web.ptos.ProjectPTO.getLastModifiedDate() may expose internal representation by returning ProjectPTO.modifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP | 81 | Medium |
org.itracker.web.ptos.ProjectPTO.getLastUpdatedIssueDate() may expose internal representation by returning ProjectPTO.lastUpdatedIssueDate | MALICIOUS_CODE | EI_EXPOSE_REP | 132 | Medium |
org.itracker.web.ptos.ProjectPTO.setCreateDate(Date) may expose internal representation by storing an externally mutable object into ProjectPTO.createDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 141 | Medium |
org.itracker.web.ptos.ProjectPTO.setLastUpdatedIssueDate(Date) may expose internal representation by storing an externally mutable object into ProjectPTO.lastUpdatedIssueDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 128 | Medium |
org.itracker.web.ptos.ProjectPTO.setModifiedDate(Date) may expose internal representation by storing an externally mutable object into ProjectPTO.modifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 157 | Medium |
org.itracker.web.ptos.UserPTO
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.ptos.UserPTO.getLastAccess() may expose internal representation by returning UserPTO.lastAccess | MALICIOUS_CODE | EI_EXPOSE_REP | 30 | Medium |
new org.itracker.web.ptos.UserPTO(User, Date) may expose internal representation by storing an externally mutable object into UserPTO.lastAccess | MALICIOUS_CODE | EI_EXPOSE_REP2 | 14 | Medium |
org.itracker.web.servlets.AttachmentDownloadController
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.servlets.AttachmentDownloadController.doGet(HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 65 | Medium |
org.itracker.web.servlets.ReportDownloadController
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.servlets.ReportDownloadController.doGet(HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 58 | Medium |
org.itracker.web.util.AttachmentUtilities
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
int value cast to float and then passed to Math.round in org.itracker.web.util.AttachmentUtilities.validate(FormFile, ITrackerServices) | CORRECTNESS | ICAST_INT_CAST_TO_FLOAT_PASSED_TO_ROUND | 59 | Medium |
org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo.getDate() may expose internal representation by returning EditProjectFormActionUtil$ComponentInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP | 149 | Medium |
new org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo(Integer, String, String, Date, Long) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$ComponentInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 120 | Medium |
org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo.setDate(Date) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$ComponentInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 153 | Medium |
org.itracker.web.util.EditProjectFormActionUtil$VersionInfo
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.util.EditProjectFormActionUtil$VersionInfo.getDate() may expose internal representation by returning EditProjectFormActionUtil$VersionInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP | 91 | Medium |
new org.itracker.web.util.EditProjectFormActionUtil$VersionInfo(int, String, String, Date, Long) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$VersionInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 62 | Medium |
org.itracker.web.util.EditProjectFormActionUtil$VersionInfo.setDate(Date) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$VersionInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 95 | Medium |
org.itracker.web.util.HTMLUtilities
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Primitive boxed just to call toString in org.itracker.web.util.HTMLUtilities.escapeTags(String) | PERFORMANCE | DM_BOXED_PRIMITIVE_TOSTRING | 134 | Medium |
org.itracker.web.util.HTMLUtilities.escapeTags(String) invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) instead | PERFORMANCE | DM_NUMBER_CTOR | 134 | Medium |
The class name org.itracker.web.util.HTMLUtilities shadows the simple name of the superclass org.itracker.util.HTMLUtilities | BAD_PRACTICE | NM_SAME_SIMPLE_NAME_AS_SUPERCLASS | 24-151 | High |
org.itracker.web.util.ImportHandler
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Boxing/unboxing to parse a primitive org.itracker.web.util.ImportHandler.endElement(String, String, String) | PERFORMANCE | DM_BOXED_PRIMITIVE_FOR_PARSING | 276 | High |
org.itracker.web.util.ImportHandler.startElement(String, String, String, Attributes) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 88 | Medium |
org.itracker.web.util.LoginUtilities
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Boxed value is unboxed and then immediately reboxed in org.itracker.web.util.LoginUtilities.allowSaveLogin(HttpServletRequest) | PERFORMANCE | BX_UNBOXING_IMMEDIATELY_REBOXED | 313 | Medium |
Boxing/unboxing to parse a primitive org.itracker.web.util.LoginUtilities.getRequestAuthType(HttpServletRequest) | PERFORMANCE | DM_BOXED_PRIMITIVE_FOR_PARSING | 133 | High |
org.itracker.web.util.SessionTracker
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.itracker.web.util.SessionTracker.finalize() missing call to super.finalize(), so org.itracker.web.util.SessionTracker.finalize() doesn't get called | BAD_PRACTICE | FI_MISSING_SUPER_CALL | 55-56 | Medium |