FindBugs Bug Detector Report
The following document contains the results of FindBugs
FindBugs Version is 3.0.1
Threshold is
Effort is max
Summary
| Classes |
Bugs |
Errors |
Missing Classes |
| 24 |
18 |
0 |
0 |
fr.paris.lutece.plugins.extend.modules.comment.business.AddCommentPosition
| Bug |
Category |
Details |
Line |
Priority |
| Incorrect lazy initialization and update of static field fr.paris.lutece.plugins.extend.modules.comment.business.AddCommentPosition._allPositions in fr.paris.lutece.plugins.extend.modules.comment.business.AddCommentPosition.getAllPositions() |
MT_CORRECTNESS |
LI_LAZY_INIT_UPDATE_STATIC |
60-62 |
High |
| fr.paris.lutece.plugins.extend.modules.comment.business.AddCommentPosition._allPositions should be package protected |
MALICIOUS_CODE |
MS_PKGPROTECT |
Not available |
Medium |
fr.paris.lutece.plugins.extend.modules.comment.business.Comment
| Bug |
Category |
Details |
Line |
Priority |
| fr.paris.lutece.plugins.extend.modules.comment.business.Comment.getDateComment() may expose internal representation by returning Comment._dateComment |
MALICIOUS_CODE |
EI_EXPOSE_REP |
131 |
Medium |
| fr.paris.lutece.plugins.extend.modules.comment.business.Comment.getDateLastModif() may expose internal representation by returning Comment._dateLastModif |
MALICIOUS_CODE |
EI_EXPOSE_REP |
152 |
Medium |
| fr.paris.lutece.plugins.extend.modules.comment.business.Comment.setDateComment(Timestamp) may expose internal representation by storing an externally mutable object into Comment._dateComment |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
142 |
Medium |
| fr.paris.lutece.plugins.extend.modules.comment.business.Comment.setDateLastModif(Timestamp) may expose internal representation by storing an externally mutable object into Comment._dateLastModif |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
163 |
Medium |
fr.paris.lutece.plugins.extend.modules.comment.business.CommentDAO
| Bug |
Category |
Details |
Line |
Priority |
| Dead store to nIndex in fr.paris.lutece.plugins.extend.modules.comment.business.CommentDAO.countByIdParent(int, boolean, Plugin) |
STYLE |
DLS_DEAD_LOCAL_STORE |
491 |
Medium |
| Dead store to nIndex in fr.paris.lutece.plugins.extend.modules.comment.business.CommentDAO.findCommentsByLuteceUserName(String, Plugin) |
STYLE |
DLS_DEAD_LOCAL_STORE |
734 |
Medium |
fr.paris.lutece.plugins.extend.modules.comment.service.CommentService
| Bug |
Category |
Details |
Line |
Priority |
| Dead store to listSubComments in fr.paris.lutece.plugins.extend.modules.comment.service.CommentService.findLastComments(String, String, int, boolean, boolean, boolean, boolean, boolean) |
STYLE |
DLS_DEAD_LOCAL_STORE |
261 |
Medium |
fr.paris.lutece.plugins.extend.modules.comment.web.CommentApp
| Bug |
Category |
Details |
Line |
Priority |
| HTTP parameter directly written to HTTP header output in fr.paris.lutece.plugins.extend.modules.comment.web.CommentApp.doRemoveComment(HttpServletRequest, String, String) |
SECURITY |
HRS_REQUEST_PARAMETER_TO_HTTP_HEADER |
864 |
Medium |
fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean
| Bug |
Category |
Details |
Line |
Priority |
| fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean.addIdExtendableResourceInUrl(String, HttpServletRequest, UrlItem) invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead |
PERFORMANCE |
DM_BOOLEAN_CTOR |
394 |
Medium |
| fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean.getCreateComment(HttpServletRequest) invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead |
PERFORMANCE |
DM_BOOLEAN_CTOR |
301 |
Medium |
| Class fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean defines non-transient non-serializable instance field _commentService |
BAD_PRACTICE |
SE_BAD_FIELD |
Not available |
Medium |
| Class fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean defines non-transient non-serializable instance field _resourceExtenderService |
BAD_PRACTICE |
SE_BAD_FIELD |
Not available |
Medium |
| Class fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean defines non-transient non-serializable instance field _resourceHistoryService |
BAD_PRACTICE |
SE_BAD_FIELD |
Not available |
Medium |
fr.paris.lutece.plugins.extend.modules.comment.web.component.CommentResourceExtenderComponent
| Bug |
Category |
Details |
Line |
Priority |
| fr.paris.lutece.plugins.extend.modules.comment.web.component.CommentResourceExtenderComponent.getInfoHtml(ResourceExtenderDTO, Locale, HttpServletRequest) invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead |
PERFORMANCE |
DM_BOOLEAN_CTOR |
394 |
Medium |
| Possible null pointer dereference of config in fr.paris.lutece.plugins.extend.modules.comment.web.component.CommentResourceExtenderComponent.getPageAddOn(String, String, String, HttpServletRequest) |
CORRECTNESS |
NP_NULL_ON_SOME_PATH |
155 |
Medium |
| Nullcheck of config at line 155 of value previously dereferenced in fr.paris.lutece.plugins.extend.modules.comment.web.component.CommentResourceExtenderComponent.getPageAddOn(String, String, String, HttpServletRequest) |
CORRECTNESS |
RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE |
155 |
Medium |
