ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bolke de Bruin (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (RANGER-847) Fix code scan issues
Date Tue, 16 Feb 2016 18:52:18 GMT

    [ https://issues.apache.org/jira/browse/RANGER-847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15149082#comment-15149082
] 

Bolke de Bruin edited comment on RANGER-847 at 2/16/16 6:52 PM:
----------------------------------------------------------------

I will pick this up, but I wonder: only the last one was introduced by me (not checking for
null) the rest was already in place. Are these scans new?

Furthermore, are the "out of scope" issues real? Reader gets brought into scope and can get
garbage collected as far as I can gather.

(And how to run them myself?)


was (Author: bolke):
I will pick this up, but I wonder: only the last one was introduced by me (not checking for
null) the rest was already in place. Are these scans new?

(And how to run them myself?)

> Fix code scan issues
> --------------------
>
>                 Key: RANGER-847
>                 URL: https://issues.apache.org/jira/browse/RANGER-847
>             Project: Ranger
>          Issue Type: Bug
>    Affects Versions: 0.6.0
>            Reporter: Velmurugan Periasamy
>            Assignee: Bolke de Bruin
>             Fix For: 0.6.0
>
>
> Coverity scan reports below issues. Need to be fixed.
> {noformat} 
>  CID 135584:    (FB.DM_DEFAULT_ENCODING)
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
179 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
271 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
179 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> 173     	private void buildUnixUserList(String command) throws Throwable {
> 174     		BufferedReader reader = null;
> 175    
> 176     		if (!useNss) {
> 177     			File file = new File(UNIX_USER_PASSWORD_FILE);
> 178     			passwordFileModifiedAt = file.lastModified();
>      CID 135584:    (FB.DM_DEFAULT_ENCODING)
>      Found reliance on default encoding: new java.io.FileReader(File).
> 179     			reader = new BufferedReader(new FileReader(file)) ;
> 180     		} else {
> 181     			Process process = Runtime.getRuntime().exec(
> 182     					new String[]{"bash", "-c", command});
> 183    
> 184     			reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
271 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> 265    
> 266     				// "id" is same across Linux / BSD / MacOSX
> 267     				// gids are used as id might return groups with spaces, ie "domain users"
> 268     				Process process = Runtime.getRuntime().exec(
> 269     						new String[]{"bash", "-c", "id -G " + entry.getKey()});
> 270    
>      CID 135584:    (FB.DM_DEFAULT_ENCODING)
>      Another occurrence here
> 271     				reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
> 272     				line = reader.readLine();
> 273     				reader.close();
> 274    
> 275     				LOG.debug("id -G returned " + line);
> 276    
> {noformat}
> {noformat}
>  CID 135583:    (FB.DM_DEFAULT_ENCODING)
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
349 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
java.lang.String, boolean)()
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
412 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
java.lang.String, boolean)()
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
349 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
java.lang.String, boolean)()
> 343     		LOG.debug("Start enumerating groups");
> 344     		BufferedReader reader;
> 345    
> 346     		if (!useNss) {
> 347     			File file = new File(UNIX_GROUP_FILE);
> 348     			groupFileModifiedAt = file.lastModified();
>      CID 135583:    (FB.DM_DEFAULT_ENCODING)
>      Found reliance on default encoding: new java.io.FileReader(File).
> 349     			reader = new BufferedReader(new FileReader(file)) ;
> 350     		} else {
> 351     			Process process = Runtime.getRuntime().exec(
> 352     					new String[]{"bash", "-c", allGroupsCmd});
> 353     			reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
> 354     		}
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
412 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
java.lang.String, boolean)()
> 406     			for (String group : groups) {
> 407     				String command = String.format(groupCmd, group);
> 408     				String[] cmd = new String[]{"bash", "-c", command + " '" + group + "'"};
> 409     				LOG.debug("Executing: " + Arrays.toString(cmd));
> 410    
> 411     				Process process = Runtime.getRuntime().exec(cmd);
>      CID 135583:    (FB.DM_DEFAULT_ENCODING)
>      Another occurrence here
> 412     				reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
> 413     				line = reader.readLine();
> 414     				reader.close();
> 415     				LOG.debug("bash -c " + command + " for group " + group + " returned " + line);
> 416    
> 417     				parseMembers(line);
> {noformat}
> {noformat}
>  CID 135582:  Exceptional resource leaks  (RESOURCE_LEAK)
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
358 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
java.lang.String, boolean)()
> 352     					new String[]{"bash", "-c", allGroupsCmd});
> 353     			reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
> 354     		}
> 355    
> 356     		String line = null;
> 357    
>      CID 135582:  Exceptional resource leaks  (RESOURCE_LEAK)
>      Variable "reader" going out of scope leaks the resource it refers to.
> 358     		while ((line = reader.readLine()) != null) {
> 359     			if (line.trim().isEmpty())
> 360     				continue;
> 361    
> 362     			parseMembers(line);
> 363     		}
> {noformat}
> {noformat}
>  CID 135581:  Exceptional resource leaks  (RESOURCE_LEAK)
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
190 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> 184     			reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
> 185     		}
> 186    
> 187     		String line = null;
> 188     		Map<String,String> userName2uid = new HashMap<String,String>();
> 189    
>      CID 135581:  Exceptional resource leaks  (RESOURCE_LEAK)
>      Variable "reader" going out of scope leaks the resource it refers to.
> 190     		while ((line = reader.readLine()) != null) {
> 191     			if (line.trim().isEmpty())
> 192     				continue;
> 193    
> 194     			String[] tokens = line.split(":");
> 195    
> {noformat}
> {noformat}
>  CID 135579:  Null pointer dereferences  (NULL_RETURNS)
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
277 in org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> 271     				reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
> 272     				line = reader.readLine();
> 273     				reader.close();
> 274    
> 275     				LOG.debug("id -G returned " + line);
> 276    
>      CID 135579:  Null pointer dereferences  (NULL_RETURNS)
>      Calling a method on null object "line".
> 277     				if (line.trim().isEmpty()) {
> 278     					LOG.warn("User " + entry.getKey() + " could not be resolved");
> 279     					continue;
> 280     				}
> 281    
> 282     				String[] gids = line.split(" ");
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message