FindBugs Bug Detector Report
The following document contains the results of FindBugs Report
FindBugs Version is 1.3.9
Threshold is low
Effort is min
Files
org.apache.myfaces.shared_impl.renderkit.RendererUtils
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Can't close content since it is always null in org.apache.myfaces.shared_impl.renderkit.RendererUtils.loadResourceFile(FacesContext, String) | CORRECTNESS | NP_CLOSING_NULL | 912 | High |
Possible null pointer dereference of content in org.apache.myfaces.shared_impl.renderkit.RendererUtils.loadResourceFile(FacesContext, String) | CORRECTNESS | NP_NULL_ON_SOME_PATH | 931 | Medium |
org.apache.myfaces.shared_impl.renderkit.RendererUtils$1
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.apache.myfaces.shared_impl.renderkit.RendererUtils$1 defines equals and uses Object.hashCode() | BAD_PRACTICE | HE_EQUALS_USE_HASHCODE | 58 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
org.apache.myfaces.shared_impl.renderkit.html.HTML.ANCHOR_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 199 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.ANCHOR_PASSTHROUGH_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 212 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.ANCHOR_PASSTHROUGH_ATTRIBUTES_WITHOUT_ONCLICK_WITHOUT_STYLE should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 222 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.ANCHOR_PASSTHROUGH_ATTRIBUTES_WITHOUT_STYLE should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 217 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.BUTTON_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 317 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.BUTTON_PASSTHROUGH_ATTRIBUTES_WITHOUT_DISABLED should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 325 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.BUTTON_PASSTHROUGH_ATTRIBUTES_WITHOUT_DISABLED_AND_ONCLICK should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 329 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_FIELD_ATTRIBUTES_WITHOUT_DISABLED should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 137 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_FIELD_EVENT_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 88 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_FIELD_EVENT_ATTRIBUTES_WITHOUT_ONFOCUS should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 96 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_FIELD_EVENT_ATTRIBUTES_WITHOUT_ONSELECT_AND_ONCHANGE should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 103 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_FIELD_PASSTROUGH_ATTRIBUTES_WITHOUT_DISABLED should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 164 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_FIELD_PASSTROUGH_ATTRIBUTES_WITHOUT_DISABLED_AND_ONCLICK should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 179 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_FIELD_PASSTROUGH_ATTRIBUTES_WITHOUT_DISABLED_AND_ONFOCUS_AND_ONCLICK should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 174 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_PASSTROUGH_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 148 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_PASSTROUGH_ATTRIBUTES_WITHOUT_ONCLICK should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 156 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_PASSTROUGH_ATTRIBUTES_WITHOUT_ONCLICK_WITHOUT_STYLE should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 160 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_PASSTROUGH_ATTRIBUTES_WITHOUT_ONMOUSEOVER_AND_ONMOUSEOUT should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 184 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_PASSTROUGH_ATTRIBUTES_WITHOUT_STYLE should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 152 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.EVENT_HANDLER_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 78 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.EVENT_HANDLER_ATTRIBUTES_WITHOUT_ONCLICK should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 55 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.EVENT_HANDLER_ATTRIBUTES_WITHOUT_ONMOUSEOVER_AND_ONMOUSEOUT should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 67 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.FORM_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 233 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.FORM_PASSTHROUGH_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 242 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.IMG_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 257 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.IMG_PASSTHROUGH_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 270 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.INPUT_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 284 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.INPUT_FILE_UPLOAD_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 412 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.INPUT_PASSTHROUGH_ATTRIBUTES_WITHOUT_DISABLED should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 296 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.LABEL_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 340 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.MESSAGE_PASSTHROUGH_ATTRIBUTES_WITHOUT_TITLE_STYLE_AND_STYLE_CLASS should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 429 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.SELECT_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 355 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.SELECT_PASSTHROUGH_ATTRIBUTES_WITHOUT_DISABLED should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 361 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.SELECT_TABLE_PASSTHROUGH_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 436 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.TABLE_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 373 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.TABLE_PASSTHROUGH_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 387 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.TEXTAREA_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 396 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.TEXTAREA_PASSTHROUGH_ATTRIBUTES_WITHOUT_DISABLED should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 406 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.UL_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 440 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.UNIVERSAL_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 124 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.UNIVERSAL_ATTRIBUTES_WITHOUT_STYLE should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 116 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_FIELD_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 142 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HTML.COMMON_FIELD_PASSTROUGH_ATTRIBUTES_WITHOUT_DISABLED_AND_ONFOCUS should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 169 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HTML.IMG_PASSTHROUGH_ATTRIBUTES_WITHOUT_ONMOUSEOVER_AND_ONMOUSEOUT should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 274 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HTML.INPUT_FILE_PASSTHROUGH_ATTRIBUTES_WITHOUT_DISABLED should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 416 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HTML.INPUT_PASSTHROUGH_ATTRIBUTES_WITHOUT_DISABLED_AND_ONFOCUS_AND_ONCLICK should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 301 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HTML.LABEL_PASSTHROUGH_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 347 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HTML.UL_PASSTHROUGH_ATTRIBUTES should be moved out of an interface and made package protected | MALICIOUS_CODE | MS_OOI_PKGPROTECT | 444 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HtmlCheckboxRendererBase
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unchecked/unconfirmed cast from javax.faces.model.SelectItem to javax.faces.model.SelectItemGroup in org.apache.myfaces.shared_impl.renderkit.html.HtmlCheckboxRendererBase.renderGroupOrItemCheckbox(FacesContext, UIComponent, SelectItem, boolean, Set, Converter, boolean) | STYLE | BC_UNCONFIRMED_CAST | 177 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HtmlFormRendererBase
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIForm in org.apache.myfaces.shared_impl.renderkit.html.HtmlFormRendererBase.decode(FacesContext, UIComponent) | STYLE | BC_UNCONFIRMED_CAST | 222 | Low |
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIForm in org.apache.myfaces.shared_impl.renderkit.html.HtmlFormRendererBase.encodeBegin(FacesContext, UIComponent) | STYLE | BC_UNCONFIRMED_CAST | 98 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HtmlListboxRendererBase
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
instanceof will always return true in org.apache.myfaces.shared_impl.renderkit.html.HtmlListboxRendererBase.encodeEnd(FacesContext, UIComponent), since all javax.faces.component.html.HtmlSelectOneListbox are instances of javax.faces.component.html.HtmlSelectOneListbox | STYLE | BC_VACUOUS_INSTANCEOF | 68 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HtmlRadioRendererBase
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UISelectOne in org.apache.myfaces.shared_impl.renderkit.html.HtmlRadioRendererBase.encodeEnd(FacesContext, UIComponent) | STYLE | BC_UNCONFIRMED_CAST | 59 | Low |
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIOutput in org.apache.myfaces.shared_impl.renderkit.html.HtmlRadioRendererBase.getConvertedValue(FacesContext, UIComponent, Object) | STYLE | BC_UNCONFIRMED_CAST | 300 | Low |
Unchecked/unconfirmed cast from javax.faces.model.SelectItem to javax.faces.model.SelectItemGroup in org.apache.myfaces.shared_impl.renderkit.html.HtmlRadioRendererBase.renderGroupOrItemRadio(FacesContext, UIComponent, SelectItem, Object, Converter, boolean) | STYLE | BC_UNCONFIRMED_CAST | 165 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HtmlRendererUtils
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIOutput in org.apache.myfaces.shared_impl.renderkit.html.HtmlRendererUtils.findUIOutputConverterFailSafe(FacesContext, UIComponent) | STYLE | BC_UNCONFIRMED_CAST | 376 | Low |
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UISelectMany in org.apache.myfaces.shared_impl.renderkit.html.HtmlRendererUtils.findUISelectManyConverterFailsafe(FacesContext, UIComponent) | STYLE | BC_UNCONFIRMED_CAST | 362 | Low |
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UISelectMany in org.apache.myfaces.shared_impl.renderkit.html.HtmlRendererUtils.getSubmittedOrSelectedValuesAsSet(boolean, UIComponent, FacesContext, Converter) | STYLE | BC_UNCONFIRMED_CAST | 335 | Low |
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UISelectOne in org.apache.myfaces.shared_impl.renderkit.html.HtmlRendererUtils.getSubmittedOrSelectedValuesAsSet(boolean, UIComponent, FacesContext, Converter) | STYLE | BC_UNCONFIRMED_CAST | 342 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HtmlRendererUtils.DEFAULT_CHAR_ENCODING isn't final but should be | MALICIOUS_CODE | MS_SHOULD_BE_FINAL | 1346 | Low |
Method call in org.apache.myfaces.shared_impl.renderkit.html.HtmlRendererUtils.renderDisplayValueOnlyForSelects(FacesContext, UIComponent) passes null for nonnull parameter of renderSelectOptionsAsText(FacesContext, UIComponent, Converter, Set, List, boolean) | CORRECTNESS | NP_NULL_PARAM_DEREF | 668 | Medium |
org.apache.myfaces.shared_impl.renderkit.html.HtmlResponseWriterImpl
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 117 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 189 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 263 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 359 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HtmlSecretRendererBase
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIOutput in org.apache.myfaces.shared_impl.renderkit.html.HtmlSecretRendererBase.getConvertedValue(FacesContext, UIComponent, Object) | STYLE | BC_UNCONFIRMED_CAST | 106 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIData in org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.encodeBegin(FacesContext, UIComponent) | STYLE | BC_UNCONFIRMED_CAST | 105 | Low |
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIData in org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.encodeChildren(FacesContext, UIComponent) | STYLE | BC_UNCONFIRMED_CAST | 133 | Low |
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIData in org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.encodeEnd(FacesContext, UIComponent) | STYLE | BC_UNCONFIRMED_CAST | 547 | Low |
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIData in org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.encodeInnerHtml(FacesContext, UIComponent) | STYLE | BC_UNCONFIRMED_CAST | 215 | Low |
Redundant nullcheck of elemName, which is known to be non-null in org.apache.myfaces.shared_impl.renderkit.html.HtmlTableRendererBase.renderFacet(FacesContext, ResponseWriter, UIComponent, boolean) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 631 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HtmlTextRendererBase
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIOutput in org.apache.myfaces.shared_impl.renderkit.html.HtmlTextRendererBase.getConvertedValue(FacesContext, UIComponent, Object) | STYLE | BC_UNCONFIRMED_CAST | 191 | Low |
org.apache.myfaces.shared_impl.renderkit.html.HtmlTextareaRendererBase
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Unchecked/unconfirmed cast from javax.faces.component.UIComponent to javax.faces.component.UIOutput in org.apache.myfaces.shared_impl.renderkit.html.HtmlTextareaRendererBase.getConvertedValue(FacesContext, UIComponent, Object) | STYLE | BC_UNCONFIRMED_CAST | 92 | Low |
org.apache.myfaces.shared_impl.renderkit.html.util.JavascriptUtils
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 149 | Low |
Switch statement found in org.apache.myfaces.shared_impl.renderkit.html.util.JavascriptUtils.encodeString(String) where default case is missing | STYLE | SF_SWITCH_NO_DEFAULT | 206 | Low |
org.apache.myfaces.shared_impl.test.ClassElementHandler
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
ClassElementHandler.buffer not initialized in constructor | STYLE | UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR | Low |
org.apache.myfaces.shared_impl.util.ExceptionUtils
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Exception is caught when Exception is not thrown in org.apache.myfaces.shared_impl.util.ExceptionUtils.getExceptions(Throwable) | STYLE | REC_CATCH_EXCEPTION | 59 | Low |
org.apache.myfaces.shared_impl.util.LocaleUtils
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Exception is caught when Exception is not thrown in org.apache.myfaces.shared_impl.util.LocaleUtils.converterTagLocaleFromString(String) | STYLE | REC_CATCH_EXCEPTION | 136 | Low |
org.apache.myfaces.shared_impl.util.MessageUtils
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Method call in org.apache.myfaces.shared_impl.util.MessageUtils.getMessageFromBundle(String, String, Object[]) passes null for nonnull parameter of getMessageFromBundle(String, FacesContext, Locale, String, Object[]) | CORRECTNESS | NP_NULL_PARAM_DEREF | 263 | Medium |
Redundant comparison of non-null value to null in org.apache.myfaces.shared_impl.util.MessageUtils.getMessage(String, FacesContext, String, Object[]) | STYLE | RCN_REDUNDANT_COMPARISON_OF_NULL_AND_NONNULL_VALUE | 588 | Low |
Redundant comparison of non-null value to null in org.apache.myfaces.shared_impl.util.MessageUtils.getMessage(FacesContext, String, Object[]) | STYLE | RCN_REDUNDANT_COMPARISON_OF_NULL_AND_NONNULL_VALUE | 568 | Low |
Redundant nullcheck of message, which is known to be non-null in org.apache.myfaces.shared_impl.util.MessageUtils.getMessage(String, FacesContext, String, Object[]) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 591 | Low |
Redundant nullcheck of message, which is known to be non-null in org.apache.myfaces.shared_impl.util.MessageUtils.getMessage(FacesContext, String, Object[]) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 571 | Low |
org.apache.myfaces.shared_impl.util.ParametrizableFacesMessage
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
new org.apache.myfaces.shared_impl.util.ParametrizableFacesMessage(String, String, Object[], Locale) may expose internal representation by storing an externally mutable object into ParametrizableFacesMessage._args | MALICIOUS_CODE | EI_EXPOSE_REP2 | 54 | Medium |
new org.apache.myfaces.shared_impl.util.ParametrizableFacesMessage(FacesMessage$Severity, String, String, Object[], Locale) may expose internal representation by storing an externally mutable object into ParametrizableFacesMessage._args | MALICIOUS_CODE | EI_EXPOSE_REP2 | 63 | Medium |
The field org.apache.myfaces.shared_impl.util.ParametrizableFacesMessage._evaluatedArgs is transient but isn't set by deserialization | BAD_PRACTICE | SE_TRANSIENT_FIELD_NOT_RESTORED | Low |
org.apache.myfaces.shared_impl.util.StateUtils
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
instanceof will always return true in org.apache.myfaces.shared_impl.util.StateUtils.getMacSecret(ExternalContext), since all javax.crypto.SecretKey are instances of javax.crypto.SecretKey | STYLE | BC_VACUOUS_INSTANCEOF | 936 | Medium |
instanceof will always return true in org.apache.myfaces.shared_impl.util.StateUtils.getSecret(ExternalContext), since all javax.crypto.SecretKey are instances of javax.crypto.SecretKey | STYLE | BC_VACUOUS_INSTANCEOF | 791 | Medium |
Dead store of null to baos in org.apache.myfaces.shared_impl.util.StateUtils.compress(byte[]) | STYLE | DLS_DEAD_LOCAL_STORE_OF_NULL | 346 | Low |
Dead store of null to gzip in org.apache.myfaces.shared_impl.util.StateUtils.compress(byte[]) | STYLE | DLS_DEAD_LOCAL_STORE_OF_NULL | 345 | Low |
Dead store of null to bais in org.apache.myfaces.shared_impl.util.StateUtils.decompress(byte[]) | STYLE | DLS_DEAD_LOCAL_STORE_OF_NULL | 417 | Low |
Dead store of null to baos in org.apache.myfaces.shared_impl.util.StateUtils.decompress(byte[]) | STYLE | DLS_DEAD_LOCAL_STORE_OF_NULL | 416 | Low |
Dead store of null to gis in org.apache.myfaces.shared_impl.util.StateUtils.decompress(byte[]) | STYLE | DLS_DEAD_LOCAL_STORE_OF_NULL | 418 | Low |
Dead store of null to outputStream in org.apache.myfaces.shared_impl.util.StateUtils.getAsByteArray(Object, ExternalContext) | STYLE | DLS_DEAD_LOCAL_STORE_OF_NULL | 274 | Low |
Dead store of null to writer in org.apache.myfaces.shared_impl.util.StateUtils.getAsByteArray(Object, ExternalContext) | STYLE | DLS_DEAD_LOCAL_STORE_OF_NULL | 273 | Low |
Random object created and used only once in org.apache.myfaces.shared_impl.util.StateUtils.findMacSecret(String, String) | BAD_PRACTICE | DMI_RANDOM_USED_ONLY_ONCE | 986 | High |
Random object created and used only once in org.apache.myfaces.shared_impl.util.StateUtils.findSecret(String, String) | BAD_PRACTICE | DMI_RANDOM_USED_ONLY_ONCE | 841 | High |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 667 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 679 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 645 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 630 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 861 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 874 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 950 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 962 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 805 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 817 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 907 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 762 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 724 | Low |
Use of non-localized String.toUpperCase() or String.toLowerCase | I18N | DM_CONVERT_CASE | 189 | Low |
Exception is caught when Exception is not thrown in org.apache.myfaces.shared_impl.util.StateUtils.decrypt(byte[], ExternalContext) | STYLE | REC_CATCH_EXCEPTION | 490 | Low |
Exception is caught when Exception is not thrown in org.apache.myfaces.shared_impl.util.StateUtils.encrypt(byte[], ExternalContext) | STYLE | REC_CATCH_EXCEPTION | 328 | Low |
Exception is caught when Exception is not thrown in org.apache.myfaces.shared_impl.util.StateUtils.getAsObject(byte[], ExternalContext) | STYLE | REC_CATCH_EXCEPTION | 552 | Low |
org.apache.myfaces.shared_impl.util.StringUtils
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Should org.apache.myfaces.shared_impl.util.StringUtils.trim(String[]) return a zero length array rather than null? | STYLE | PZLA_PREFER_ZERO_LENGTH_ARRAYS | 685 | Low |
org.apache.myfaces.shared_impl.util._Constants
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Redundant nullcheck of ret, which is known to be non-null in org.apache.myfaces.shared_impl.util._Constants.getStringResource(String) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 185 | Low |
org.apache.myfaces.shared_impl.util.servlet.SourceCodeServlet
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Exception is caught when Exception is not thrown in org.apache.myfaces.shared_impl.util.servlet.SourceCodeServlet.doGet(HttpServletRequest, HttpServletResponse) | STYLE | REC_CATCH_EXCEPTION | 87 | Low |
org.apache.myfaces.shared_impl.util.servlet.SourceCodeServlet is Serializable; consider declaring a serialVersionUID | BAD_PRACTICE | SE_NO_SERIALVERSIONID | 26 | Low |
org.apache.myfaces.shared_impl.webapp.webxml.WebXmlParser
Bug | Category | Details | Line | Priority |
---|---|---|---|---|
Exception is caught when Exception is not thrown in org.apache.myfaces.shared_impl.webapp.webxml.WebXmlParser.parse() | STYLE | REC_CATCH_EXCEPTION | 112 | Low |