Fork me on GitHub

FindBugs Bug Detector Report

The following document contains the results of FindBugs

FindBugs Version is 3.0.1

Threshold is

Effort is max

Summary

Classes Bugs Errors Missing Classes
24 18 0 0

Files

Class Bugs
fr.paris.lutece.plugins.extend.modules.comment.business.AddCommentPosition 2
fr.paris.lutece.plugins.extend.modules.comment.business.Comment 4
fr.paris.lutece.plugins.extend.modules.comment.business.CommentDAO 2
fr.paris.lutece.plugins.extend.modules.comment.service.CommentService 1
fr.paris.lutece.plugins.extend.modules.comment.web.CommentApp 1
fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean 5
fr.paris.lutece.plugins.extend.modules.comment.web.component.CommentResourceExtenderComponent 3

fr.paris.lutece.plugins.extend.modules.comment.business.AddCommentPosition

Bug Category Details Line Priority
Incorrect lazy initialization and update of static field fr.paris.lutece.plugins.extend.modules.comment.business.AddCommentPosition._allPositions in fr.paris.lutece.plugins.extend.modules.comment.business.AddCommentPosition.getAllPositions() MT_CORRECTNESS LI_LAZY_INIT_UPDATE_STATIC 60-62 High
fr.paris.lutece.plugins.extend.modules.comment.business.AddCommentPosition._allPositions should be package protected MALICIOUS_CODE MS_PKGPROTECT Not available Medium

fr.paris.lutece.plugins.extend.modules.comment.business.Comment

Bug Category Details Line Priority
fr.paris.lutece.plugins.extend.modules.comment.business.Comment.getDateComment() may expose internal representation by returning Comment._dateComment MALICIOUS_CODE EI_EXPOSE_REP 131 Medium
fr.paris.lutece.plugins.extend.modules.comment.business.Comment.getDateLastModif() may expose internal representation by returning Comment._dateLastModif MALICIOUS_CODE EI_EXPOSE_REP 152 Medium
fr.paris.lutece.plugins.extend.modules.comment.business.Comment.setDateComment(Timestamp) may expose internal representation by storing an externally mutable object into Comment._dateComment MALICIOUS_CODE EI_EXPOSE_REP2 142 Medium
fr.paris.lutece.plugins.extend.modules.comment.business.Comment.setDateLastModif(Timestamp) may expose internal representation by storing an externally mutable object into Comment._dateLastModif MALICIOUS_CODE EI_EXPOSE_REP2 163 Medium

fr.paris.lutece.plugins.extend.modules.comment.business.CommentDAO

Bug Category Details Line Priority
Dead store to nIndex in fr.paris.lutece.plugins.extend.modules.comment.business.CommentDAO.countByIdParent(int, boolean, Plugin) STYLE DLS_DEAD_LOCAL_STORE 491 Medium
Dead store to nIndex in fr.paris.lutece.plugins.extend.modules.comment.business.CommentDAO.findCommentsByLuteceUserName(String, Plugin) STYLE DLS_DEAD_LOCAL_STORE 734 Medium

fr.paris.lutece.plugins.extend.modules.comment.service.CommentService

Bug Category Details Line Priority
Dead store to listSubComments in fr.paris.lutece.plugins.extend.modules.comment.service.CommentService.findLastComments(String, String, int, boolean, boolean, boolean, boolean, boolean) STYLE DLS_DEAD_LOCAL_STORE 261 Medium

fr.paris.lutece.plugins.extend.modules.comment.web.CommentApp

Bug Category Details Line Priority
HTTP parameter directly written to HTTP header output in fr.paris.lutece.plugins.extend.modules.comment.web.CommentApp.doRemoveComment(HttpServletRequest, String, String) SECURITY HRS_REQUEST_PARAMETER_TO_HTTP_HEADER 864 Medium

fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean

Bug Category Details Line Priority
fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean.addIdExtendableResourceInUrl(String, HttpServletRequest, UrlItem) invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead PERFORMANCE DM_BOOLEAN_CTOR 394 Medium
fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean.getCreateComment(HttpServletRequest) invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead PERFORMANCE DM_BOOLEAN_CTOR 301 Medium
Class fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean defines non-transient non-serializable instance field _commentService BAD_PRACTICE SE_BAD_FIELD Not available Medium
Class fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean defines non-transient non-serializable instance field _resourceExtenderService BAD_PRACTICE SE_BAD_FIELD Not available Medium
Class fr.paris.lutece.plugins.extend.modules.comment.web.CommentJspBean defines non-transient non-serializable instance field _resourceHistoryService BAD_PRACTICE SE_BAD_FIELD Not available Medium

fr.paris.lutece.plugins.extend.modules.comment.web.component.CommentResourceExtenderComponent

Bug Category Details Line Priority
fr.paris.lutece.plugins.extend.modules.comment.web.component.CommentResourceExtenderComponent.getInfoHtml(ResourceExtenderDTO, Locale, HttpServletRequest) invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead PERFORMANCE DM_BOOLEAN_CTOR 394 Medium
Possible null pointer dereference of config in fr.paris.lutece.plugins.extend.modules.comment.web.component.CommentResourceExtenderComponent.getPageAddOn(String, String, String, HttpServletRequest) CORRECTNESS NP_NULL_ON_SOME_PATH 155 Medium
Nullcheck of config at line 155 of value previously dereferenced in fr.paris.lutece.plugins.extend.modules.comment.web.component.CommentResourceExtenderComponent.getPageAddOn(String, String, String, HttpServletRequest) CORRECTNESS RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE 155 Medium