request #9969 Two suspicious code fragments

Artifact

Infos

Artifact ID#9969

Submitted byAppChecker (appchecker)

Last Modified On2017-02-17 09:56

Submitted on2017-02-16 22:31

Rank10262

Details

Summary *

Two suspicious code fragments

Original Submission

Hi.

We've checked your project with static analysis tool AppChecker. It found two suspicious code fragments:

1) https://github.com/Enalean/tuleap/blob/d0053a4e617d11eb8fe3f6fa9641959f77875c83/plugins/docman/include/Docman_VersionDao.class.php#L340

$sql = 'SELECT v.id, v.number, v.item_id, v.user_id, v.label, v.changelog,'.
' v.create_date as date, v.filename, v.filesize, v.filetype, v.path '.
' FROM plugin_docman_version_deleted v '.
' WHERE v.item_id = ' . $this->da->quoteSmart($itemId);
' AND purge_date IS NULL';

Last string ' AND purge_date IS NULL' is not concatenated to SQL query

2) http://https://github.com/Enalean/tuleap/blob/e9c822b4042af43e80dcf98b2c35b58db147ea78/src/common/wiki/phpwiki/lib/HtmlParser.php#L353

if (!$alignment and preg_match("/float(right|left)/i",$css_class,$m));
  $alignment = $m[1];

Body of if statement actually is empty. Probably there is an extra semicolon.

AppChecker web-page - https://cnpo.ru/en/solutions/appchecker.php

CategoryEmpty

Reported in versionEmpty

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toEmpty

StatusAcknowledged

Close dateEmpty

Attachments

Connected artifacts

Artifact links

Empty

Reverse artifact links

Empty

AttachmentsEmpty

References

Cross references

References list is empty

Follow-ups

Thomas Gerbet (tgerbet)

2017-02-17 09:56

Thanks for the report.

Status changed from New to Acknowledged

Public

Artifact links

Reverse artifact links

Follow-ups