itracker
Download
Documentation
Getting Involved
Project Documentation
FindBugs Bug Detector Report
The following document contains the results of FindBugs
FindBugs Version is 3.0.1
Threshold is
Effort is min
Files
org.itracker.core.ApplicationInitialization
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Unread field: org.itracker.core.ApplicationInitialization.servletConfig | PERFORMANCE | URF_UNREAD_FIELD | 156 | Medium |
org.itracker.core.resources.ITrackerResources
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Load of known null value in org.itracker.core.resources.ITrackerResources.getLocaleDN(Locale, Locale) | STYLE | NP_LOAD_OF_KNOWN_NULL_VALUE | 170 | Medium |
| Redundant nullcheck of val, which is known to be non-null in org.itracker.core.resources.ITrackerResources.getString(String, Locale) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 376 | Medium |
org.itracker.model.CustomField
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.CustomField.DEFAULT_DATE_FORMAT is a static field of type java.text.DateFormat, which isn't thread safe | MT_CORRECTNESS | STCAL_STATIC_SIMPLE_DATE_FORMAT_INSTANCE | Not available | High |
org.itracker.model.ImportDataModel
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.ImportDataModel.getImportStatistics() may expose internal representation by returning ImportDataModel.verifyStatistics | MALICIOUS_CODE | EI_EXPOSE_REP | 115 | Medium |
org.itracker.model.IssueActivityType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Suspicious comparison of Integer references in org.itracker.model.IssueActivityType.fromCode(Integer) | CORRECTNESS | RC_REF_COMPARISON | 56 | High |
org.itracker.model.IssueField
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of org.itracker.model.IssueField.dateValue, which is known to be non-null in org.itracker.model.IssueField.formatDate(ResourceBundle) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 243 | High |
org.itracker.model.Language$LanguageKeyComparator
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.Language$LanguageKeyComparator implements Comparator but not Serializable | BAD_PRACTICE | SE_COMPARATOR_SHOULD_BE_SERIALIZABLE | 128-131 | Medium |
org.itracker.model.Language$LanguageValueComparator
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.Language$LanguageValueComparator implements Comparator but not Serializable | BAD_PRACTICE | SE_COMPARATOR_SHOULD_BE_SERIALIZABLE | 138-141 | Medium |
org.itracker.model.Permission$PermissionPropertiesComparator
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.Permission$PermissionPropertiesComparator implements Comparator but not Serializable | BAD_PRACTICE | SE_COMPARATOR_SHOULD_BE_SERIALIZABLE | 134-136 | Medium |
org.itracker.model.Report
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.Report.getFileData() may expose internal representation by returning Report.fileData | MALICIOUS_CODE | EI_EXPOSE_REP | 99 | Medium |
| org.itracker.model.Report.setFileData(byte[]) may expose internal representation by storing an externally mutable object into Report.fileData | MALICIOUS_CODE | EI_EXPOSE_REP2 | 103 | Medium |
org.itracker.model.Report$NameComparator
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.Report$NameComparator implements Comparator but not Serializable | BAD_PRACTICE | SE_COMPARATOR_SHOULD_BE_SERIALIZABLE | 114-116 | Medium |
org.itracker.model.SystemConfiguration$SystemConfigurationComparator
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.SystemConfiguration$SystemConfigurationComparator implements Comparator but not Serializable | BAD_PRACTICE | SE_COMPARATOR_SHOULD_BE_SERIALIZABLE | 125-128 | Medium |
org.itracker.model.User$LoginComparator
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.User$LoginComparator implements Comparator but not Serializable | BAD_PRACTICE | SE_COMPARATOR_SHOULD_BE_SERIALIZABLE | 264-266 | Medium |
org.itracker.model.User$NameComparator
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.User$NameComparator implements Comparator but not Serializable | BAD_PRACTICE | SE_COMPARATOR_SHOULD_BE_SERIALIZABLE | 255-258 | Medium |
org.itracker.model.util.IssueUtilities
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.util.IssueUtilities.STANDARD_FIELDS should be package protected | MALICIOUS_CODE | MS_PKGPROTECT | 55 | Medium |
org.itracker.model.util.PropertiesFileHandler
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.model.util.PropertiesFileHandler.addProperties(String) may fail to clean up java.io.InputStream | EXPERIMENTAL | OBL_UNSATISFIED_OBLIGATION | 50 | Medium |
org.itracker.model.util.UserUtilities
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to permissionsArray in org.itracker.model.util.UserUtilities.createPermissionArray(User, Project, int[]) | STYLE | DLS_DEAD_LOCAL_STORE | 359 | Medium |
| org.itracker.model.util.UserUtilities.alphabet should be package protected | MALICIOUS_CODE | MS_PKGPROTECT | 35 | Medium |
org.itracker.persistence.dao.EnumCodeUserType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.persistence.dao.EnumCodeUserType.sqlTypes() may expose internal representation by returning EnumCodeUserType.SQL_TYPES | MALICIOUS_CODE | EI_EXPOSE_REP | 70 | Medium |
org.itracker.persistence.dao.EnumNameUserType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.persistence.dao.EnumNameUserType.sqlTypes() may expose internal representation by returning EnumNameUserType.SQL_TYPES | MALICIOUS_CODE | EI_EXPOSE_REP | 47 | Medium |
org.itracker.persistence.dao.EnumOrdinalUserType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.persistence.dao.EnumOrdinalUserType.sqlTypes() may expose internal representation by returning EnumOrdinalUserType.SQL_TYPES | MALICIOUS_CODE | EI_EXPOSE_REP | 58 | Medium |
org.itracker.persistence.dao.IntBooleanType
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.persistence.dao.IntBooleanType.sqlTypes() may expose internal representation by returning IntBooleanType.SQL_TYPES | MALICIOUS_CODE | EI_EXPOSE_REP | 64 | Medium |
org.itracker.services.authentication.AbstractPluggableAuthenticator
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| instanceof will always return true for all non-null values in org.itracker.services.authentication.AbstractPluggableAuthenticator.getConfigurationService(), since all org.itracker.services.ConfigurationService are instances of org.itracker.services.ConfigurationService | STYLE | BC_VACUOUS_INSTANCEOF | 85 | Medium |
| instanceof will always return true for all non-null values in org.itracker.services.authentication.AbstractPluggableAuthenticator.getUserService(), since all org.itracker.services.UserService are instances of org.itracker.services.UserService | STYLE | BC_VACUOUS_INSTANCEOF | 69 | Medium |
org.itracker.services.authentication.adsson.ADIntegration
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new org.itracker.services.authentication.adsson.ADIntegration() may fail to clean up java.io.InputStream | EXPERIMENTAL | OBL_UNSATISFIED_OBLIGATION | 36 | Medium |
org.itracker.services.implementations.ConfigurationServiceImpl
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to current in org.itracker.services.implementations.ConfigurationServiceImpl.initializeConfiguration() | STYLE | DLS_DEAD_LOCAL_STORE | 1107 | Medium |
| Load of known null value in org.itracker.services.implementations.ConfigurationServiceImpl.setJndiPropertiesOverridePrefix(String) | STYLE | NP_LOAD_OF_KNOWN_NULL_VALUE | 101 | Medium |
| Redundant nullcheck of languageItem, which is known to be non-null in org.itracker.services.implementations.ConfigurationServiceImpl.getLanguageItemByKey(String, Locale) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 778 | Medium |
| Redundant nullcheck of configuration, which is known to be non-null in org.itracker.services.implementations.ConfigurationServiceImpl.isConfigurationItemUpToDate(Configuration) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 365 | Medium |
| Uninitialized read of jndiPropertiesOverridePrefix in new org.itracker.services.implementations.ConfigurationServiceImpl(Properties, ConfigurationDAO, CustomFieldDAO, CustomFieldValueDAO, LanguageDAO, ProjectScriptDAO, WorkflowScriptDAO) | CORRECTNESS | UR_UNINIT_READ | 77 | Medium |
| Uninitialized read of mailSessionLookupName in new org.itracker.services.implementations.ConfigurationServiceImpl(Properties, ConfigurationDAO, CustomFieldDAO, CustomFieldValueDAO, LanguageDAO, ProjectScriptDAO, WorkflowScriptDAO) | CORRECTNESS | UR_UNINIT_READ | 80 | Medium |
| org.itracker.services.implementations.ConfigurationServiceImpl.getLanguage(Locale) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 937 | Medium |
org.itracker.services.implementations.IssueServiceImpl
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxed value is unboxed and then immediately reboxed in org.itracker.services.implementations.IssueServiceImpl.getAllIssueAttachmentCount() | PERFORMANCE | BX_UNBOXING_IMMEDIATELY_REBOXED | 1371 | Medium |
org.itracker.services.implementations.NotificationServiceImpl
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to versions in org.itracker.services.implementations.NotificationServiceImpl.handleIssueNotification(Issue, Notification$Type, String, InternetAddress[], Integer) | STYLE | DLS_DEAD_LOCAL_STORE | 251 | Medium |
| Dead store to versions in org.itracker.services.implementations.NotificationServiceImpl.handleNotification(Issue, Notification$Type, Integer, Map, String) | STYLE | DLS_DEAD_LOCAL_STORE | 513 | Medium |
| Redundant nullcheck of org.itracker.model.AbstractEntity.getCreateDate(), which is known to be non-null in org.itracker.services.implementations.NotificationServiceImpl.addIssueNotification(Notification) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 777 | Medium |
| Redundant nullcheck of org.itracker.model.AbstractEntity.getLastModifiedDate(), which is known to be non-null in org.itracker.services.implementations.NotificationServiceImpl.addIssueNotification(Notification) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 780 | Medium |
| Redundant nullcheck of issue, which is known to be non-null in org.itracker.services.implementations.NotificationServiceImpl.getIssueNotifications(Issue, boolean, boolean) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 836 | Medium |
| Return value of org.itracker.model.Issue.getActivities() ignored, but method has no side effect | STYLE | RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT | 220 | Medium |
| org.itracker.services.implementations.NotificationServiceImpl.handleIssueNotification(Issue, Notification$Type, String, InternetAddress[], Integer) concatenates strings using + in a loop | PERFORMANCE | SBSC_USE_STRINGBUFFER_CONCATENATION | 299 | Medium |
| org.itracker.services.implementations.NotificationServiceImpl.handleNotification(Issue, Notification$Type, Integer, Map, String) concatenates strings using + in a loop | PERFORMANCE | SBSC_USE_STRINGBUFFER_CONCATENATION | 627 | Medium |
| org.itracker.services.implementations.NotificationServiceImpl.handleNotification(Issue, Notification$Type, Integer, Map, String) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 567 | Medium |
org.itracker.services.implementations.ProjectServiceImpl
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to user in org.itracker.services.implementations.ProjectServiceImpl.updateProject(Project, Integer) | STYLE | DLS_DEAD_LOCAL_STORE | 377 | Medium |
org.itracker.services.implementations.UserServiceImpl
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of authenticator, which is known to be non-null in org.itracker.services.implementations.UserServiceImpl.allowPasswordUpdates(User, Object, int, int) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 858 | Medium |
| Redundant nullcheck of authenticator, which is known to be non-null in org.itracker.services.implementations.UserServiceImpl.allowPermissionUpdates(User, Object, int, int) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 886 | Medium |
| Redundant nullcheck of authenticator, which is known to be non-null in org.itracker.services.implementations.UserServiceImpl.allowPreferenceUpdates(User, Object, int, int) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 914 | Medium |
| Redundant nullcheck of authenticator, which is known to be non-null in org.itracker.services.implementations.UserServiceImpl.allowProfileCreation(User, Object, int, int) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 802 | Medium |
| Redundant nullcheck of authenticator, which is known to be non-null in org.itracker.services.implementations.UserServiceImpl.allowProfileUpdates(User, Object, int, int) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 830 | Medium |
| Redundant nullcheck of authenticator, which is known to be non-null in org.itracker.services.implementations.UserServiceImpl.allowRegistration(User, Object, int, int) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 770 | Medium |
| Redundant nullcheck of authenticator, which is known to be non-null in org.itracker.services.implementations.UserServiceImpl.checkLogin(String, Object, int, int) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 742 | Medium |
| Redundant nullcheck of authenticator, which is known to be non-null in org.itracker.services.implementations.UserServiceImpl.updateAuthenticator(Integer, List) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 412 | Medium |
| Redundant nullcheck of authenticator, which is known to be non-null in org.itracker.services.implementations.UserServiceImpl.updateUser(User) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 196 | Medium |
org.itracker.services.util.Base64Coder
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.itracker.services.util.Base64Coder.decodeString(String): new String(byte[]) | I18N | DM_DEFAULT_ENCODING | 110 | High |
| Found reliance on default encoding in org.itracker.services.util.Base64Coder.encodeString(String): String.getBytes() | I18N | DM_DEFAULT_ENCODING | 56 | High |
org.itracker.web.actions.PortalHomeAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxed value is unboxed and then immediately reboxed in org.itracker.web.actions.PortalHomeAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | PERFORMANCE | BX_UNBOXING_IMMEDIATELY_REBOXED | 62 | Medium |
| Redundant nullcheck of showAllAtt, which is known to be non-null in org.itracker.web.actions.PortalHomeAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 237 | Medium |
| Suspicious comparison of Integer references in org.itracker.web.actions.PortalHomeAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | RC_REF_COMPARISON | 160 | High |
org.itracker.web.actions.admin.AdminHomeAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to numberDefinedKeys in org.itracker.web.actions.admin.AdminHomeAction.execSetupJspEnv(HttpServletRequest) | STYLE | DLS_DEAD_LOCAL_STORE | 77 | Medium |
org.itracker.web.actions.admin.configuration.EditConfigurationAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.admin.configuration.EditConfigurationAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 273 | Medium |
org.itracker.web.actions.admin.configuration.EditCustomFieldAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.admin.configuration.EditCustomFieldAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 117 | Medium |
org.itracker.web.actions.admin.configuration.EditCustomFieldValueAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.admin.configuration.EditCustomFieldValueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 109 | Medium |
org.itracker.web.actions.admin.configuration.ImportDataVerifyAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Found reliance on default encoding in org.itracker.web.actions.admin.configuration.ImportDataVerifyAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse): new java.io.InputStreamReader(InputStream) | I18N | DM_DEFAULT_ENCODING | 81 | High |
| org.itracker.web.actions.admin.configuration.ImportDataVerifyAction.checkUsers(ImportDataModel, InitialContext) concatenates strings using + in a loop | PERFORMANCE | SBSC_USE_STRINGBUFFER_CONCATENATION | 265 | Medium |
org.itracker.web.actions.admin.configuration.OrderConfigurationItemAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to newConfigItems in org.itracker.web.actions.admin.configuration.OrderConfigurationItemAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | DLS_DEAD_LOCAL_STORE | 112 | Medium |
| Switch statement found in org.itracker.web.actions.admin.configuration.OrderConfigurationItemAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) where default case is missing | STYLE | SF_SWITCH_NO_DEFAULT | 117-120 | Medium |
org.itracker.web.actions.admin.configuration.OrderCustomFieldValueAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Suspicious comparison of Integer references in org.itracker.web.actions.admin.configuration.OrderCustomFieldValueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | RC_REF_COMPARISON | 95 | High |
org.itracker.web.actions.admin.configuration.RemoveConfigurationItemAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxed value is unboxed and then immediately reboxed in org.itracker.web.actions.admin.configuration.RemoveConfigurationItemAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | PERFORMANCE | BX_UNBOXING_IMMEDIATELY_REBOXED | 99 | Medium |
org.itracker.web.actions.admin.language.CreateLanguageKeyAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.admin.language.CreateLanguageKeyAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 69 | Medium |
org.itracker.web.actions.admin.language.EditLanguageAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.admin.language.EditLanguageAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 134 | Medium |
org.itracker.web.actions.admin.project.EditComponentFormAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of component, which is known to be non-null in org.itracker.web.actions.admin.project.EditComponentFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 112 | High |
org.itracker.web.actions.admin.project.EditProjectScriptAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of fieldType, which is known to be non-null in org.itracker.web.actions.admin.project.EditProjectScriptAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 88 | Medium |
| org.itracker.web.actions.admin.project.EditProjectScriptAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 82 | Medium |
org.itracker.web.actions.admin.report.DownloadReportAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.admin.report.DownloadReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 54 | Medium |
org.itracker.web.actions.admin.report.EditReportAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Nullcheck of editreport at line 113 of value previously dereferenced in org.itracker.web.actions.admin.report.EditReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE | 86 | Medium |
org.itracker.web.actions.admin.report.ExportReportAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.admin.report.ExportReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 55 | Medium |
org.itracker.web.actions.admin.report.RemoveReportAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.admin.report.RemoveReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 53 | Medium |
org.itracker.web.actions.admin.user.EditUserAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.admin.user.EditUserAction.setupJspEnv(HttpServletRequest, UserForm, ActionMessages, ActionMapping) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 179 | Medium |
| Redundant nullcheck of editUser, which is known to be non-null in org.itracker.web.actions.admin.user.EditUserAction.setupJspEnv(HttpServletRequest, UserForm, ActionMessages, ActionMapping) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 126 | Medium |
org.itracker.web.actions.admin.workflow.EditWorkflowScriptFormAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of workflowScript, which is known to be non-null in org.itracker.web.actions.admin.workflow.EditWorkflowScriptFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 97 | Medium |
org.itracker.web.actions.base.ItrackerBaseAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Nullcheck of log at line 127 of value previously dereferenced in org.itracker.web.actions.base.ItrackerBaseAction.logTimeMillies(String, Date, Logger, Level) | CORRECTNESS | RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE | 124 | High |
org.itracker.web.actions.issuesearch.SearchIssuesFormAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception is caught when Exception is not thrown in org.itracker.web.actions.issuesearch.SearchIssuesFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | REC_CATCH_EXCEPTION | 249 | Medium |
org.itracker.web.actions.preferences.EditPreferencesAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxing/unboxing to parse a primitive org.itracker.web.actions.preferences.EditPreferencesAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | PERFORMANCE | DM_BOXED_PRIMITIVE_FOR_PARSING | 178 | High |
org.itracker.web.actions.preferences.EditPreferencesFormAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of user, which is known to be non-null in org.itracker.web.actions.preferences.EditPreferencesFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 169 | Medium |
org.itracker.web.actions.project.CreateIssueAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to scripts in org.itracker.web.actions.project.CreateIssueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | DLS_DEAD_LOCAL_STORE | 118 | Medium |
org.itracker.web.actions.project.CreateIssueFormAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.project.CreateIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 60 | Medium |
| Nullcheck of project at line 92 of value previously dereferenced in org.itracker.web.actions.project.CreateIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE | 92 | High |
org.itracker.web.actions.project.EditIssueFormAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.project.EditIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 67 | Medium |
| Redundant nullcheck of issue, which is known to be non-null in org.itracker.web.actions.project.EditIssueFormAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 126 | High |
org.itracker.web.actions.project.MoveIssueAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Possible null pointer dereference of issue in org.itracker.web.actions.project.MoveIssueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | NP_NULL_ON_SOME_PATH | 73 | High |
org.itracker.web.actions.project.RemoveIssueAttachmentAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.project.RemoveIssueAttachmentAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 54 | Medium |
| Exceptional return value of java.io.File.delete() ignored in org.itracker.web.actions.project.RemoveIssueAttachmentAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | BAD_PRACTICE | RV_RETURN_VALUE_IGNORED_BAD_PRACTICE | 62 | Medium |
org.itracker.web.actions.project.ViewIssueAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.project.ViewIssueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 61 | Medium |
org.itracker.web.actions.project.WatchIssueAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.actions.project.WatchIssueAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 56 | Medium |
org.itracker.web.actions.report.DisplayReportAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Load of known null value in org.itracker.web.actions.report.DisplayReportAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | NP_LOAD_OF_KNOWN_NULL_VALUE | 128 | Medium |
org.itracker.web.actions.user.LoginAction
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Possible null pointer dereference of redirect in org.itracker.web.actions.user.LoginAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | CORRECTNESS | NP_NULL_ON_SOME_PATH | 205 | Medium |
| Redundant nullcheck of user, which is known to be non-null in org.itracker.web.actions.user.LoginAction.execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 201 | High |
org.itracker.web.filters.ExecuteAlwaysFilter
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Load of known null value in org.itracker.web.filters.ExecuteAlwaysFilter.handleError(Throwable, ServletRequest, ServletResponse) | STYLE | NP_LOAD_OF_KNOWN_NULL_VALUE | 222 | Medium |
org.itracker.web.forms.IssueForm
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxed value is unboxed and then immediately reboxed in org.itracker.web.forms.IssueForm.setupIssueForm(Issue, Map, HttpServletRequest, ActionMessages) | PERFORMANCE | BX_UNBOXING_IMMEDIATELY_REBOXED | 865 | Medium |
| Nullcheck of issueVersions at line 610 of value previously dereferenced in org.itracker.web.forms.IssueForm.setupJspEnv(ActionMapping, IssueForm, HttpServletRequest, Issue, IssueService, UserService, Map, Map, ActionMessages) | CORRECTNESS | RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE | 610 | High |
| Exception is caught when Exception is not thrown in org.itracker.web.forms.IssueForm.validate(ActionMapping, HttpServletRequest) | STYLE | REC_CATCH_EXCEPTION | 1184 | Medium |
| Useless condition: it's known that previousStatus < 400 (0x190) at this point | STYLE | UC_USELESS_CONDITION | 305 | High |
| Useless condition: it's known that previousStatus >= 500 (0x1f4) at this point | STYLE | UC_USELESS_CONDITION | 314 | High |
org.itracker.web.forms.ProjectForm
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.forms.ProjectForm.init(ActionMapping, HttpServletRequest) invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) instead | PERFORMANCE | DM_NUMBER_CTOR | 108 | Medium |
org.itracker.web.ptos.ProjectPTO
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.ptos.ProjectPTO.getLastUpdatedIssueDate() may expose internal representation by returning ProjectPTO.lastUpdatedIssueDate | MALICIOUS_CODE | EI_EXPOSE_REP | 153 | Medium |
| org.itracker.web.ptos.ProjectPTO.setLastUpdatedIssueDate(Date) may expose internal representation by storing an externally mutable object into ProjectPTO.lastUpdatedIssueDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 149 | Medium |
org.itracker.web.ptos.UserPTO
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.ptos.UserPTO.getLastAccess() may expose internal representation by returning UserPTO.lastAccess | MALICIOUS_CODE | EI_EXPOSE_REP | 30 | Medium |
| new org.itracker.web.ptos.UserPTO(User, Date) may expose internal representation by storing an externally mutable object into UserPTO.lastAccess | MALICIOUS_CODE | EI_EXPOSE_REP2 | 14 | Medium |
org.itracker.web.servlets.AttachmentDownloadController
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.servlets.AttachmentDownloadController.doGet(HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 71 | Medium |
org.itracker.web.servlets.ReportDownloadController
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.servlets.ReportDownloadController.doGet(HttpServletRequest, HttpServletResponse) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 66 | Medium |
org.itracker.web.servlets.RssFeedController
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to f in org.itracker.web.servlets.RssFeedController.doGet(HttpServletRequest, HttpServletResponse) | STYLE | DLS_DEAD_LOCAL_STORE | 94 | High |
org.itracker.web.taglib.FormatCustomFieldTag
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.taglib.FormatCustomFieldTag.doEndTag() uses the same code for two branches | STYLE | DB_DUPLICATE_BRANCHES | 111 | Medium |
| Null passed for non-null parameter of java.text.DateFormat.parse(String) in org.itracker.web.taglib.FormatCustomFieldTag.doEndTag() | CORRECTNESS | NP_NULL_PARAM_DEREF | 205 | Medium |
org.itracker.web.util.AdminProjectUtilities
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Dead store to userPermissionModels in org.itracker.web.util.AdminProjectUtilities.handleInitialProjectMembers(Project, Set, Set, ProjectService, UserService) | STYLE | DLS_DEAD_LOCAL_STORE | 37 | Medium |
org.itracker.web.util.AttachmentUtilities
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| int value cast to float and then passed to Math.round in org.itracker.web.util.AttachmentUtilities.validate(FormFile, ITrackerServices) | CORRECTNESS | ICAST_INT_CAST_TO_FLOAT_PASSED_TO_ROUND | 59 | Medium |
org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo.getDate() may expose internal representation by returning EditProjectFormActionUtil$ComponentInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP | 149 | Medium |
| new org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo(Integer, String, String, Date, Long) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$ComponentInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 120 | Medium |
| org.itracker.web.util.EditProjectFormActionUtil$ComponentInfo.setDate(Date) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$ComponentInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 153 | Medium |
org.itracker.web.util.EditProjectFormActionUtil$VersionInfo
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.util.EditProjectFormActionUtil$VersionInfo.getDate() may expose internal representation by returning EditProjectFormActionUtil$VersionInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP | 91 | Medium |
| new org.itracker.web.util.EditProjectFormActionUtil$VersionInfo(int, String, String, Date, Long) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$VersionInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 62 | Medium |
| org.itracker.web.util.EditProjectFormActionUtil$VersionInfo.setDate(Date) may expose internal representation by storing an externally mutable object into EditProjectFormActionUtil$VersionInfo.lastModifiedDate | MALICIOUS_CODE | EI_EXPOSE_REP2 | 95 | Medium |
org.itracker.web.util.HTMLUtilities
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Primitive boxed just to call toString in org.itracker.web.util.HTMLUtilities.escapeTags(String) | PERFORMANCE | DM_BOXED_PRIMITIVE_TOSTRING | 150 | Medium |
| org.itracker.web.util.HTMLUtilities.escapeTags(String) invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) instead | PERFORMANCE | DM_NUMBER_CTOR | 150 | Medium |
org.itracker.web.util.ImportExportTags
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.util.ImportExportTags.DATE_FORMATTER is a static field of type java.text.DateFormat, which isn't thread safe | MT_CORRECTNESS | STCAL_STATIC_SIMPLE_DATE_FORMAT_INSTANCE | Not available | High |
org.itracker.web.util.ImportExportUtilities
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Call to method of static java.text.DateFormat in org.itracker.web.util.ImportExportUtilities.getIssueXML(Issue) | MT_CORRECTNESS | STCAL_INVOKE_ON_STATIC_DATE_FORMAT_INSTANCE | 283 | Medium |
org.itracker.web.util.ImportHandler
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxing/unboxing to parse a primitive org.itracker.web.util.ImportHandler.endElement(String, String, String) | PERFORMANCE | DM_BOXED_PRIMITIVE_FOR_PARSING | 276 | High |
| org.itracker.web.util.ImportHandler.startElement(String, String, String, Attributes) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead | PERFORMANCE | DM_NUMBER_CTOR | 86 | Medium |
| Call to method of static java.text.DateFormat in org.itracker.web.util.ImportHandler.getDateValue(String, String) | MT_CORRECTNESS | STCAL_INVOKE_ON_STATIC_DATE_FORMAT_INSTANCE | 516 | Medium |
| org.itracker.web.util.ImportHandler.endElement(String, String, String) makes inefficient use of keySet iterator instead of entrySet iterator | PERFORMANCE | WMI_WRONG_MAP_ITERATOR | 394 | Medium |
org.itracker.web.util.ListIssuesActionUtil
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.itracker.web.util.ListIssuesActionUtil.init(Action, ActionMessages, ActionMapping, HttpServletRequest) invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead | PERFORMANCE | DM_BOOLEAN_CTOR | 208 | Medium |
org.itracker.web.util.LoginUtilities
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Boxing/unboxing to parse a primitive org.itracker.web.util.LoginUtilities.getRequestAuthType(HttpServletRequest) | PERFORMANCE | DM_BOXED_PRIMITIVE_FOR_PARSING | 130 | High |
