[ofbiz-framework] branch trunk updated: Improved: Fix some bugs Spotbugs reports (OFBIZ-12386)

[jleroux]

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 5d64a88  Improved:  Fix some bugs Spotbugs reports (OFBIZ-12386)
5d64a88 is described below

commit 5d64a88226ba58fa2ff71214a5499212f5523e77
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Sun Dec 5 08:19:42 2021 +0100

    Improved:  Fix some bugs Spotbugs reports (OFBIZ-12386)
    
    Uses SecureRandom rather than Random class in classes
    SampleHtmlThread
    PaymentGatewayServices
    FinAccountHelper
    OrderTestServices
    ProductStoreWorker
---
 .../apache/ofbiz/accounting/payment/GiftCertificateServices.java  | 5 ++---
 .../apache/ofbiz/accounting/payment/PaymentGatewayServices.java   | 8 ++++----
 .../java/org/apache/ofbiz/order/finaccount/FinAccountHelper.java  | 4 ++--
 .../main/java/org/apache/ofbiz/order/test/OrderTestServices.java  | 4 ++--
 .../java/org/apache/ofbiz/product/store/ProductStoreWorker.java   | 4 ++--
 5 files changed, 12 insertions(+), 13 deletions(-)

diff --git 
a/applications/accounting/src/main/java/org/apache/ofbiz/accounting/payment/GiftCertificateServices.java
 
b/applications/accounting/src/main/java/org/apache/ofbiz/accounting/payment/GiftCertificateServices.java
index 1a566ab..9f0edef 100644
--- 
a/applications/accounting/src/main/java/org/apache/ofbiz/accounting/payment/GiftCertificateServices.java
+++ 
b/applications/accounting/src/main/java/org/apache/ofbiz/accounting/payment/GiftCertificateServices.java
@@ -25,7 +25,6 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
-import java.util.Random;
 
 import org.apache.ofbiz.base.util.Debug;
 import org.apache.ofbiz.base.util.GeneralException;
@@ -1418,13 +1417,13 @@ public class GiftCertificateServices {
             length = 19;
         }
 
-        Random rand = new SecureRandom();
+        SecureRandom secureRandom = new SecureRandom();
         boolean isValid = false;
         StringBuilder number = null;
         while (!isValid) {
             number = new StringBuilder("");
             for (int i = 0; i < length; i++) {
-                int randInt = rand.nextInt(9);
+                int randInt = secureRandom.nextInt(9);
                 number.append(randInt);
             }
 
diff --git 
a/applications/accounting/src/main/java/org/apache/ofbiz/accounting/payment/PaymentGatewayServices.java
 
b/applications/accounting/src/main/java/org/apache/ofbiz/accounting/payment/PaymentGatewayServices.java
index 8a0316b..382d691 100644
--- 
a/applications/accounting/src/main/java/org/apache/ofbiz/accounting/payment/PaymentGatewayServices.java
+++ 
b/applications/accounting/src/main/java/org/apache/ofbiz/accounting/payment/PaymentGatewayServices.java
@@ -20,6 +20,7 @@ package org.apache.ofbiz.accounting.payment;
 
 import java.math.BigDecimal;
 import java.math.RoundingMode;
+import java.security.SecureRandom;
 import java.sql.Timestamp;
 import java.util.Collection;
 import java.util.Date;
@@ -29,13 +30,12 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
-import java.util.Random;
 import java.util.Set;
 
 import org.apache.ofbiz.accounting.invoice.InvoiceWorker;
 import org.apache.ofbiz.base.util.Debug;
-import org.apache.ofbiz.base.util.ObjectType;
 import org.apache.ofbiz.base.util.GeneralException;
+import org.apache.ofbiz.base.util.ObjectType;
 import org.apache.ofbiz.base.util.StringUtil;
 import org.apache.ofbiz.base.util.UtilDateTime;
 import org.apache.ofbiz.base.util.UtilGenerics;
@@ -3441,8 +3441,8 @@ public class PaymentGatewayServices {
         Locale locale = (Locale) context.get("locale");
         Map<String, Object> result = ServiceUtil.returnSuccess();
         String refNum = UtilDateTime.nowAsString();
-        Random r = new Random();
-        int i = r.nextInt(9);
+        SecureRandom secureRandom = new SecureRandom();
+        int i = secureRandom.nextInt(9);
         if (i < 5 || i % 2 == 0) {
             result.put("authResult", Boolean.TRUE);
             result.put("authFlag", "A");
diff --git 
a/applications/order/src/main/java/org/apache/ofbiz/order/finaccount/FinAccountHelper.java
 
b/applications/order/src/main/java/org/apache/ofbiz/order/finaccount/FinAccountHelper.java
index ee33a8d..166d3db 100644
--- 
a/applications/order/src/main/java/org/apache/ofbiz/order/finaccount/FinAccountHelper.java
+++ 
b/applications/order/src/main/java/org/apache/ofbiz/order/finaccount/FinAccountHelper.java
@@ -21,10 +21,10 @@ package org.apache.ofbiz.order.finaccount;
 
 import java.math.BigDecimal;
 import java.math.RoundingMode;
+import java.security.SecureRandom;
 import java.sql.Timestamp;
 import java.util.List;
 import java.util.Locale;
-import java.util.Random;
 
 import org.apache.ofbiz.base.util.Debug;
 import org.apache.ofbiz.base.util.UtilDateTime;
@@ -117,7 +117,7 @@ public final class FinAccountHelper {
     public static String getNewFinAccountCode(int codeLength, Delegator 
delegator) throws GenericEntityException {
 
         // keep generating new account codes until a unique one is found
-        Random r = new Random();
+        SecureRandom r = new SecureRandom();
         boolean foundUniqueNewCode = false;
         StringBuilder newAccountCode = null;
         long count = 0;
diff --git 
a/applications/order/src/main/java/org/apache/ofbiz/order/test/OrderTestServices.java
 
b/applications/order/src/main/java/org/apache/ofbiz/order/test/OrderTestServices.java
index 6a3da4a..e492b84 100644
--- 
a/applications/order/src/main/java/org/apache/ofbiz/order/test/OrderTestServices.java
+++ 
b/applications/order/src/main/java/org/apache/ofbiz/order/test/OrderTestServices.java
@@ -19,11 +19,11 @@
 package org.apache.ofbiz.order.test;
 
 import java.math.BigDecimal;
+import java.security.SecureRandom;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
-import java.util.Random;
 
 import org.apache.ofbiz.base.util.Debug;
 import org.apache.ofbiz.base.util.UtilGenerics;
@@ -120,7 +120,7 @@ public class OrderTestServices {
                     UtilMisc.toMap("productCategoryId", productCategoryId), 
locale));
         }
 
-        Random r = new Random();
+        SecureRandom r = new SecureRandom();
 
         ShoppingCart cart = new ShoppingCart(delegator, productStoreId, 
locale, currencyUomId);
         cart.setOrderType("SALES_ORDER");
diff --git 
a/applications/product/src/main/java/org/apache/ofbiz/product/store/ProductStoreWorker.java
 
b/applications/product/src/main/java/org/apache/ofbiz/product/store/ProductStoreWorker.java
index c6ab823..7fbe820 100644
--- 
a/applications/product/src/main/java/org/apache/ofbiz/product/store/ProductStoreWorker.java
+++ 
b/applications/product/src/main/java/org/apache/ofbiz/product/store/ProductStoreWorker.java
@@ -19,12 +19,12 @@
 package org.apache.ofbiz.product.store;
 
 import java.math.BigDecimal;
+import java.security.SecureRandom;
 import java.util.HashMap;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
-import java.util.Random;
 import java.util.TimeZone;
 
 import javax.servlet.ServletRequest;
@@ -453,7 +453,7 @@ public final class ProductStoreWorker {
             partyId, Map<String, Object> passThruFields) {
         List<GenericValue> randomSurveys = getSurveys(delegator, 
productStoreId, groupName, null, "RANDOM_POLL", null);
         if (UtilValidate.isNotEmpty(randomSurveys)) {
-            Random rand = new Random();
+            SecureRandom rand = new SecureRandom();
             int index = rand.nextInt(randomSurveys.size());
             GenericValue appl = randomSurveys.get(index);
             return new ProductStoreSurveyWrapper(appl, partyId, 
passThruFields);