FindBugs Bug Detector Report
The following document contains the results of FindBugs
FindBugs Version is 3.0.1
Threshold is
Effort is min
Summary
| Classes |
Bugs |
Errors |
Missing Classes |
| 176 |
64 |
0 |
88 |
org.itracker.web.ApplicationInitialization
| Bug |
Category |
Details |
Line |
Priority |
| Unread field: org.itracker.web.ApplicationInitialization.servletConfig |
PERFORMANCE |
URF_UNREAD_FIELD |
115 |
Medium |
org.itracker.web.actions.PortalHomeAction
| Bug |
Category |
Details |
Line |
Priority |
| Boxed value is unboxed and then immediately reboxed in org.itracker.web.actions.PortalHomeAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
PERFORMANCE |
BX_UNBOXING_IMMEDIATELY_REBOXED |
63 |
Medium |
| Redundant nullcheck of showAllAtt, which is known to be non-null in org.itracker.web.actions.PortalHomeAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
239 |
Medium |
| Suspicious comparison of Integer references in org.itracker.web.actions.PortalHomeAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
CORRECTNESS |
RC_REF_COMPARISON |
167 |
High |
org.itracker.web.actions.admin.configuration.EditConfigurationAction
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.actions.admin.configuration.EditConfigurationAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) makes inefficient use of keySet iterator instead of entrySet iterator |
PERFORMANCE |
WMI_WRONG_MAP_ITERATOR |
269 |
Medium |
org.itracker.web.actions.admin.configuration.EditCustomFieldValueAction
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.actions.admin.configuration.EditCustomFieldValueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) makes inefficient use of keySet iterator instead of entrySet iterator |
PERFORMANCE |
WMI_WRONG_MAP_ITERATOR |
103 |
Medium |
org.itracker.web.actions.admin.configuration.ImportDataVerifyAction
| Bug |
Category |
Details |
Line |
Priority |
| Found reliance on default encoding in org.itracker.web.actions.admin.configuration.ImportDataVerifyAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse): new java.io.InputStreamReader(InputStream) |
I18N |
DM_DEFAULT_ENCODING |
81 |
High |
| org.itracker.web.actions.admin.configuration.ImportDataVerifyAction.checkUsers(ImportDataModel, InitialContext) concatenates strings using + in a loop |
PERFORMANCE |
SBSC_USE_STRINGBUFFER_CONCATENATION |
267 |
Medium |
org.itracker.web.actions.admin.configuration.OrderConfigurationItemAction
| Bug |
Category |
Details |
Line |
Priority |
| Dead store to newConfigItems in org.itracker.web.actions.admin.configuration.OrderConfigurationItemAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
STYLE |
DLS_DEAD_LOCAL_STORE |
112 |
Medium |
| Switch statement found in org.itracker.web.actions.admin.configuration.OrderConfigurationItemAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) where default case is missing |
STYLE |
SF_SWITCH_NO_DEFAULT |
117-120 |
Medium |
org.itracker.web.actions.admin.configuration.OrderCustomFieldValueAction
| Bug |
Category |
Details |
Line |
Priority |
| Suspicious comparison of Integer references in org.itracker.web.actions.admin.configuration.OrderCustomFieldValueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
CORRECTNESS |
RC_REF_COMPARISON |
96 |
High |
org.itracker.web.actions.admin.configuration.RemoveConfigurationItemAction
| Bug |
Category |
Details |
Line |
Priority |
| Boxed value is unboxed and then immediately reboxed in org.itracker.web.actions.admin.configuration.RemoveConfigurationItemAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
PERFORMANCE |
BX_UNBOXING_IMMEDIATELY_REBOXED |
98 |
Medium |
org.itracker.web.actions.admin.project.EditComponentFormAction
| Bug |
Category |
Details |
Line |
Priority |
| Redundant nullcheck of component, which is known to be non-null in org.itracker.web.actions.admin.project.EditComponentFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
112 |
High |
org.itracker.web.actions.admin.report.DownloadReportAction
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.actions.admin.report.DownloadReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
54 |
Medium |
org.itracker.web.actions.admin.report.EditReportAction
| Bug |
Category |
Details |
Line |
Priority |
| Nullcheck of editreport at line 108 of value previously dereferenced in org.itracker.web.actions.admin.report.EditReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
CORRECTNESS |
RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE |
81 |
Medium |
org.itracker.web.actions.admin.report.ExportReportAction
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.actions.admin.report.ExportReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
49 |
Medium |
org.itracker.web.actions.admin.report.RemoveReportAction
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.actions.admin.report.RemoveReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
53 |
Medium |
org.itracker.web.actions.admin.user.EditUserAction
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.actions.admin.user.EditUserAction.setupJspEnv(HttpServletRequest, UserForm, ActionMessages, ActionMapping) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
174 |
Medium |
org.itracker.web.actions.base.ItrackerBaseAction
| Bug |
Category |
Details |
Line |
Priority |
| Nullcheck of log at line 134 of value previously dereferenced in org.itracker.web.actions.base.ItrackerBaseAction.logTimeMillies(String, Date, Logger, Level) |
CORRECTNESS |
RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE |
131 |
High |
org.itracker.web.actions.issuesearch.SearchIssuesFormAction
| Bug |
Category |
Details |
Line |
Priority |
| Exception is caught when Exception is not thrown in org.itracker.web.actions.issuesearch.SearchIssuesFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
STYLE |
REC_CATCH_EXCEPTION |
249 |
Medium |
org.itracker.web.actions.preferences.EditPreferencesAction
| Bug |
Category |
Details |
Line |
Priority |
| Boxing/unboxing to parse a primitive org.itracker.web.actions.preferences.EditPreferencesAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
PERFORMANCE |
DM_BOXED_PRIMITIVE_FOR_PARSING |
177 |
High |
org.itracker.web.actions.preferences.EditPreferencesFormAction
| Bug |
Category |
Details |
Line |
Priority |
| Redundant nullcheck of user, which is known to be non-null in org.itracker.web.actions.preferences.EditPreferencesFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
170 |
Medium |
org.itracker.web.actions.project.CreateIssueFormAction
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.actions.project.CreateIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
62 |
Medium |
| Nullcheck of project at line 92 of value previously dereferenced in org.itracker.web.actions.project.CreateIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
CORRECTNESS |
RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE |
92 |
High |
org.itracker.web.actions.project.EditIssueFormAction
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.actions.project.EditIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
66 |
Medium |
| Redundant nullcheck of issue, which is known to be non-null in org.itracker.web.actions.project.EditIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
130 |
High |
org.itracker.web.actions.project.MoveIssueAction
| Bug |
Category |
Details |
Line |
Priority |
| Possible null pointer dereference of issue in org.itracker.web.actions.project.MoveIssueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
CORRECTNESS |
NP_NULL_ON_SOME_PATH |
73 |
High |
org.itracker.web.actions.project.RemoveIssueAttachmentAction
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.actions.project.RemoveIssueAttachmentAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
54 |
Medium |
| Exceptional return value of java.io.File.delete() ignored in org.itracker.web.actions.project.RemoveIssueAttachmentAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
BAD_PRACTICE |
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE |
62 |
Medium |
org.itracker.web.actions.project.WatchIssueAction
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.actions.project.WatchIssueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
56 |
Medium |
org.itracker.web.actions.report.DisplayReportAction
| Bug |
Category |
Details |
Line |
Priority |
| Load of known null value in org.itracker.web.actions.report.DisplayReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) |
STYLE |
NP_LOAD_OF_KNOWN_NULL_VALUE |
125 |
Medium |
org.itracker.web.forms.IssueForm
| Bug |
Category |
Details |
Line |
Priority |
| Boxed value is unboxed and then immediately reboxed in org.itracker.web.forms.IssueForm.setupIssueForm(Issue, Map, HttpServletRequest, ActionMessages) |
PERFORMANCE |
BX_UNBOXING_IMMEDIATELY_REBOXED |
920 |
Medium |
| Exception is caught when Exception is not thrown in org.itracker.web.forms.IssueForm.validate(ActionMapping, HttpServletRequest) |
STYLE |
REC_CATCH_EXCEPTION |
1244 |
Medium |
| Useless condition: it's known that previousStatus < 400 (0x190) at this point |
STYLE |
UC_USELESS_CONDITION |
364 |
High |
| Useless condition: it's known that previousStatus >= 500 (0x1f4) at this point |
STYLE |
UC_USELESS_CONDITION |
373 |
High |
org.itracker.web.forms.ProjectForm
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.forms.ProjectForm.init(ActionMapping, HttpServletRequest) invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
109 |
Medium |
org.itracker.web.forms.ProjectScriptForm
| Bug |
Category |
Details |
Line |
Priority |
| Unread field: org.itracker.web.forms.ProjectScriptForm.action |
PERFORMANCE |
URF_UNREAD_FIELD |
47 |
Medium |
| Unread field: org.itracker.web.forms.ProjectScriptForm.delId |
PERFORMANCE |
URF_UNREAD_FIELD |
48 |
Medium |
org.itracker.web.forms.ReportForm
| Bug |
Category |
Details |
Line |
Priority |
| Unread field: org.itracker.web.forms.ReportForm.reportType |
PERFORMANCE |
URF_UNREAD_FIELD |
56 |
Medium |
org.itracker.web.ptos.ProjectPTO
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.ptos.ProjectPTO.getCreateDate() may expose internal representation by returning ProjectPTO.createDate |
MALICIOUS_CODE |
EI_EXPOSE_REP |
60 |
Medium |
| org.itracker.web.ptos.ProjectPTO.getLastModifiedDate() may expose internal representation by returning ProjectPTO.modifiedDate |
MALICIOUS_CODE |
EI_EXPOSE_REP |
81 |
Medium |
| org.itracker.web.ptos.ProjectPTO.getLastUpdatedIssueDate() may expose internal representation by returning ProjectPTO.lastUpdatedIssueDate |
MALICIOUS_CODE |
EI_EXPOSE_REP |
132 |
Medium |
| org.itracker.web.ptos.ProjectPTO.setCreateDate(Date) may expose internal representation by storing an externally mutable object into ProjectPTO.createDate |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
141 |
Medium |
| org.itracker.web.ptos.ProjectPTO.setLastUpdatedIssueDate(Date) may expose internal representation by storing an externally mutable object into ProjectPTO.lastUpdatedIssueDate |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
128 |
Medium |
| org.itracker.web.ptos.ProjectPTO.setModifiedDate(Date) may expose internal representation by storing an externally mutable object into ProjectPTO.modifiedDate |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
157 |
Medium |
org.itracker.web.ptos.UserPTO
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.ptos.UserPTO.getLastAccess() may expose internal representation by returning UserPTO.lastAccess |
MALICIOUS_CODE |
EI_EXPOSE_REP |
30 |
Medium |
| new org.itracker.web.ptos.UserPTO(User, Date) may expose internal representation by storing an externally mutable object into UserPTO.lastAccess |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
14 |
Medium |
org.itracker.web.servlets.AttachmentDownloadController
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.servlets.AttachmentDownloadController.doGet(HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
65 |
Medium |
org.itracker.web.servlets.ReportDownloadController
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.servlets.ReportDownloadController.doGet(HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
58 |
Medium |
org.itracker.web.util.AttachmentUtilities
| Bug |
Category |
Details |
Line |
Priority |
| int value cast to float and then passed to Math.round in org.itracker.web.util.AttachmentUtilities.validate(FormFile, ITrackerServices) |
CORRECTNESS |
ICAST_INT_CAST_TO_FLOAT_PASSED_TO_ROUND |
59 |
Medium |
org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo.getDate() may expose internal representation by returning EditProjectFormActionUtil$ComponentInfo.lastModifiedDate |
MALICIOUS_CODE |
EI_EXPOSE_REP |
149 |
Medium |
| new org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo(Integer, String, String, Date, Long) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$ComponentInfo.lastModifiedDate |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
120 |
Medium |
| org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo.setDate(Date) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$ComponentInfo.lastModifiedDate |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
153 |
Medium |
org.itracker.web.util.EditProjectFormActionUtil$VersionInfo
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.util.EditProjectFormActionUtil$VersionInfo.getDate() may expose internal representation by returning EditProjectFormActionUtil$VersionInfo.lastModifiedDate |
MALICIOUS_CODE |
EI_EXPOSE_REP |
91 |
Medium |
| new org.itracker.web.util.EditProjectFormActionUtil$VersionInfo(int, String, String, Date, Long) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$VersionInfo.lastModifiedDate |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
62 |
Medium |
| org.itracker.web.util.EditProjectFormActionUtil$VersionInfo.setDate(Date) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$VersionInfo.lastModifiedDate |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
95 |
Medium |
org.itracker.web.util.HTMLUtilities
| Bug |
Category |
Details |
Line |
Priority |
| Primitive boxed just to call toString in org.itracker.web.util.HTMLUtilities.escapeTags(String) |
PERFORMANCE |
DM_BOXED_PRIMITIVE_TOSTRING |
134 |
Medium |
| org.itracker.web.util.HTMLUtilities.escapeTags(String) invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
134 |
Medium |
| The class name org.itracker.web.util.HTMLUtilities shadows the simple name of the superclass org.itracker.util.HTMLUtilities |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_SUPERCLASS |
24-151 |
High |
org.itracker.web.util.ImportHandler
| Bug |
Category |
Details |
Line |
Priority |
| Boxing/unboxing to parse a primitive org.itracker.web.util.ImportHandler.endElement(String, String, String) |
PERFORMANCE |
DM_BOXED_PRIMITIVE_FOR_PARSING |
276 |
High |
| org.itracker.web.util.ImportHandler.startElement(String, String, String, Attributes) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead |
PERFORMANCE |
DM_NUMBER_CTOR |
88 |
Medium |
org.itracker.web.util.LoginUtilities
| Bug |
Category |
Details |
Line |
Priority |
| Boxed value is unboxed and then immediately reboxed in org.itracker.web.util.LoginUtilities.allowSaveLogin(HttpServletRequest) |
PERFORMANCE |
BX_UNBOXING_IMMEDIATELY_REBOXED |
313 |
Medium |
| Boxing/unboxing to parse a primitive org.itracker.web.util.LoginUtilities.getRequestAuthType(HttpServletRequest) |
PERFORMANCE |
DM_BOXED_PRIMITIVE_FOR_PARSING |
133 |
High |
org.itracker.web.util.SessionTracker
| Bug |
Category |
Details |
Line |
Priority |
| org.itracker.web.util.SessionTracker.finalize() missing call to super.finalize(), so org.itracker.web.util.SessionTracker.finalize() doesn't get called |
BAD_PRACTICE |
FI_MISSING_SUPER_CALL |
55-56 |
Medium |
