You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@doris.apache.org by mo...@apache.org on 2023/01/10 17:04:10 UTC
[doris] 01/04: [chore](vulnerability) fix fe high risk vulnerability scanned by bug scanner (#15649)
This is an automated email from the ASF dual-hosted git repository.
morningman pushed a commit to branch branch-1.2-lts
in repository https://gitbox.apache.org/repos/asf/doris.git
commit 3e47ec879c5b84d4094db00b7486f29851191398
Author: Zhengguo Yang <ya...@gmail.com>
AuthorDate: Tue Jan 10 17:44:18 2023 +0800
[chore](vulnerability) fix fe high risk vulnerability scanned by bug scanner (#15649)
---
.../org/apache/doris/common/io/BitmapValue.java | 14 ++++---
.../doris/common/jmockit/FieldReflection.java | 2 +-
.../doris/common/jmockit/MethodReflection.java | 2 +-
.../org/apache/doris/analysis/BinaryPredicate.java | 5 +--
.../org/apache/doris/analysis/CreateTableStmt.java | 4 +-
.../main/java/org/apache/doris/catalog/Type.java | 2 +-
.../doris/clone/DynamicPartitionScheduler.java | 4 +-
.../doris/common/util/DynamicPartitionUtil.java | 5 +--
.../doris/deploy/impl/LocalFileDeployManager.java | 2 +-
.../iceberg/IcebergTableCreationRecordMgr.java | 2 +-
.../apache/doris/httpv2/rest/GetLogFileAction.java | 2 +-
.../main/java/org/apache/doris/load/DppConfig.java | 43 ++++++++++++++++++++++
.../java/org/apache/doris/load/EtlJobInfo.java | 12 +++++-
.../doris/persist/TableAddOrDropColumnsInfo.java | 2 +-
.../doris/persist/TableRenameColumnInfo.java | 2 +-
.../apache/doris/planner/SingleNodePlanner.java | 2 +-
.../org/apache/doris/catalog/CatalogTestUtil.java | 2 +-
.../doris/planner/TableFunctionPlanTest.java | 2 +-
18 files changed, 82 insertions(+), 27 deletions(-)
diff --git a/fe/fe-common/src/main/java/org/apache/doris/common/io/BitmapValue.java b/fe/fe-common/src/main/java/org/apache/doris/common/io/BitmapValue.java
index cd6de7b3de..0ed342cf6f 100644
--- a/fe/fe-common/src/main/java/org/apache/doris/common/io/BitmapValue.java
+++ b/fe/fe-common/src/main/java/org/apache/doris/common/io/BitmapValue.java
@@ -320,20 +320,24 @@ public class BitmapValue {
}
}
- public boolean equals(BitmapValue other) {
+ @Override
+ public boolean equals(Object other) {
+ if (other == null || !(other instanceof BitmapValue)) {
+ return false;
+ }
boolean ret = false;
- if (this.bitmapType != other.bitmapType) {
+ if (this.bitmapType != ((BitmapValue) other).bitmapType) {
return false;
}
- switch (other.bitmapType) { // CHECKSTYLE IGNORE THIS LINE: missing switch default
+ switch (((BitmapValue) other).bitmapType) { // CHECKSTYLE IGNORE THIS LINE: missing switch default
case EMPTY:
ret = true;
break;
case SINGLE_VALUE:
- ret = this.singleValue == other.singleValue;
+ ret = this.singleValue == ((BitmapValue) other).singleValue;
break;
case BITMAP_VALUE:
- ret = bitmap.equals(other.bitmap);
+ ret = bitmap.equals(((BitmapValue) other).bitmap);
}
return ret;
}
diff --git a/fe/fe-common/src/main/java/org/apache/doris/common/jmockit/FieldReflection.java b/fe/fe-common/src/main/java/org/apache/doris/common/jmockit/FieldReflection.java
index 1974d4f53b..084b5bec1a 100644
--- a/fe/fe-common/src/main/java/org/apache/doris/common/jmockit/FieldReflection.java
+++ b/fe/fe-common/src/main/java/org/apache/doris/common/jmockit/FieldReflection.java
@@ -281,7 +281,7 @@ public final class FieldReflection {
private static boolean isSameType(Class<?> firstType, Class<?> secondType) {
return firstType == secondType
|| firstType.isPrimitive() && firstType == AutoType.getPrimitiveType(secondType)
- || secondType.isPrimitive() && firstType == AutoType.getPrimitiveType(secondType);
+ || secondType.isPrimitive() && secondType == AutoType.getPrimitiveType(firstType);
}
}
diff --git a/fe/fe-common/src/main/java/org/apache/doris/common/jmockit/MethodReflection.java b/fe/fe-common/src/main/java/org/apache/doris/common/jmockit/MethodReflection.java
index 47bd5e5f2a..749e2e7cca 100644
--- a/fe/fe-common/src/main/java/org/apache/doris/common/jmockit/MethodReflection.java
+++ b/fe/fe-common/src/main/java/org/apache/doris/common/jmockit/MethodReflection.java
@@ -158,6 +158,6 @@ public final class MethodReflection {
private static boolean isSameType(Class<?> firstType, Class<?> secondType) {
return firstType == secondType
|| firstType.isPrimitive() && firstType == AutoType.getPrimitiveType(secondType)
- || secondType.isPrimitive() && firstType == AutoType.getPrimitiveType(secondType);
+ || secondType.isPrimitive() && secondType == AutoType.getPrimitiveType(firstType);
}
}
diff --git a/fe/fe-core/src/main/java/org/apache/doris/analysis/BinaryPredicate.java b/fe/fe-core/src/main/java/org/apache/doris/analysis/BinaryPredicate.java
index bd2b8245bd..fef28c4f44 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/analysis/BinaryPredicate.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/BinaryPredicate.java
@@ -357,9 +357,8 @@ public class BinaryPredicate extends Predicate implements Writable {
if (t1 == PrimitiveType.VARCHAR && t2 == PrimitiveType.VARCHAR) {
return Type.VARCHAR;
}
- if (t1 == PrimitiveType.STRING && t2 == PrimitiveType.STRING
- || t1 == PrimitiveType.STRING && t2 == PrimitiveType.VARCHAR
- || t1 == PrimitiveType.VARCHAR && t2 == PrimitiveType.STRING) {
+ if ((t1 == PrimitiveType.STRING && (t2 == PrimitiveType.VARCHAR || t2 == PrimitiveType.STRING)) || (
+ t2 == PrimitiveType.STRING && (t1 == PrimitiveType.VARCHAR || t1 == PrimitiveType.STRING))) {
return Type.STRING;
}
if (t1 == PrimitiveType.BIGINT && t2 == PrimitiveType.BIGINT) {
diff --git a/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateTableStmt.java b/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateTableStmt.java
index b7994b8e3d..826aee4663 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateTableStmt.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/CreateTableStmt.java
@@ -569,9 +569,7 @@ public class CreateTableStmt extends DdlStmt {
}
}
sb.append("\n)");
- if (engineName != null) {
- sb.append(" ENGINE = ").append(engineName);
- }
+ sb.append(" ENGINE = ").append(engineName);
if (keysDesc != null) {
sb.append("\n").append(keysDesc.toSql());
diff --git a/fe/fe-core/src/main/java/org/apache/doris/catalog/Type.java b/fe/fe-core/src/main/java/org/apache/doris/catalog/Type.java
index 34b9cb49b8..fde7dead86 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/catalog/Type.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/catalog/Type.java
@@ -768,7 +768,7 @@ public abstract class Type {
|| scalarType.getType() == TPrimitiveType.DECIMAL64
|| scalarType.getType() == TPrimitiveType.DECIMAL128I) {
Preconditions.checkState(scalarType.isSetPrecision()
- && scalarType.isSetPrecision());
+ && scalarType.isSetScale());
type = ScalarType.createDecimalType(scalarType.getPrecision(),
scalarType.getScale());
} else if (scalarType.getType() == TPrimitiveType.DATETIMEV2) {
diff --git a/fe/fe-core/src/main/java/org/apache/doris/clone/DynamicPartitionScheduler.java b/fe/fe-core/src/main/java/org/apache/doris/clone/DynamicPartitionScheduler.java
index 2d8408cc06..754126caaa 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/clone/DynamicPartitionScheduler.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/clone/DynamicPartitionScheduler.java
@@ -347,6 +347,8 @@ public class DynamicPartitionScheduler extends MasterDaemon {
reservedHistoryPartitionKeyRangeList.add(reservedHistoryPartitionKeyRange);
} catch (IllegalArgumentException e) {
return dropPartitionClauses;
+ } catch (AnalysisException e) {
+ throw new DdlException(e.getMessage());
}
}
}
@@ -390,7 +392,7 @@ public class DynamicPartitionScheduler extends MasterDaemon {
}
ArrayList<AddPartitionClause> addPartitionClauses = new ArrayList<>();
- ArrayList<DropPartitionClause> dropPartitionClauses = null;
+ ArrayList<DropPartitionClause> dropPartitionClauses = new ArrayList<>();
String tableName = null;
boolean skipAddPartition = false;
OlapTable olapTable;
diff --git a/fe/fe-core/src/main/java/org/apache/doris/common/util/DynamicPartitionUtil.java b/fe/fe-core/src/main/java/org/apache/doris/common/util/DynamicPartitionUtil.java
index c0df533032..60247b4ec7 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/common/util/DynamicPartitionUtil.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/common/util/DynamicPartitionUtil.java
@@ -729,7 +729,7 @@ public class DynamicPartitionUtil {
}
public static String getHistoryPartitionRangeString(DynamicPartitionProperty dynamicPartitionProperty,
- String time, String format) {
+ String time, String format) throws AnalysisException {
ZoneId zoneId = dynamicPartitionProperty.getTimeZone().toZoneId();
Date date = null;
Timestamp timestamp = null;
@@ -740,8 +740,7 @@ public class DynamicPartitionUtil {
date = simpleDateFormat.parse(time);
} catch (ParseException e) {
LOG.warn("Parse dynamic partition periods error. Error={}", e.getMessage());
- return getFormattedTimeWithoutMinuteSecond(
- ZonedDateTime.parse(timestamp.toString(), dateTimeFormatter), format);
+ throw new AnalysisException("Parse dynamic partition periods error. Error=" + e.getMessage());
}
timestamp = new Timestamp(date.getTime());
return getFormattedTimeWithoutMinuteSecond(
diff --git a/fe/fe-core/src/main/java/org/apache/doris/deploy/impl/LocalFileDeployManager.java b/fe/fe-core/src/main/java/org/apache/doris/deploy/impl/LocalFileDeployManager.java
index 4ff49901cb..e5023a8347 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/deploy/impl/LocalFileDeployManager.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/deploy/impl/LocalFileDeployManager.java
@@ -133,7 +133,7 @@ public class LocalFileDeployManager extends DeployManager {
LOG.warn("failed to close buffered reader after reading file: {}", clusterInfoFile, e);
}
}
- if (lock != null && channel.isOpen()) {
+ if (lock != null) {
try {
lock.release();
} catch (IOException e) {
diff --git a/fe/fe-core/src/main/java/org/apache/doris/external/iceberg/IcebergTableCreationRecordMgr.java b/fe/fe-core/src/main/java/org/apache/doris/external/iceberg/IcebergTableCreationRecordMgr.java
index 475215c327..a98dd7f2ab 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/external/iceberg/IcebergTableCreationRecordMgr.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/external/iceberg/IcebergTableCreationRecordMgr.java
@@ -152,7 +152,7 @@ public class IcebergTableCreationRecordMgr extends MasterDaemon {
try {
icebergTables = icebergCatalog.listTables(icebergProperty.getDatabase());
- } catch (DorisIcebergException e) {
+ } catch (Exception e) {
addTableCreationRecord(db.getId(), -1, db.getFullName(), "", FAIL,
prop.writeTimeFormat(new Date(System.currentTimeMillis())), e.getMessage());
LOG.warn("Failed list remote Iceberg database, hive.metastore.uris[{}], database[{}], error: {}",
diff --git a/fe/fe-core/src/main/java/org/apache/doris/httpv2/rest/GetLogFileAction.java b/fe/fe-core/src/main/java/org/apache/doris/httpv2/rest/GetLogFileAction.java
index 9c97f2ee90..9535cc650d 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/httpv2/rest/GetLogFileAction.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/httpv2/rest/GetLogFileAction.java
@@ -88,7 +88,7 @@ public class GetLogFileAction extends RestBaseController {
return ResponseEntityBuilder.internalError(e.getMessage());
}
} else {
- return ResponseEntityBuilder.okWithCommonError("Log file not exist: " + log.getName());
+ return ResponseEntityBuilder.okWithCommonError("Log file not exist: " + logFile);
}
}
return ResponseEntityBuilder.ok();
diff --git a/fe/fe-core/src/main/java/org/apache/doris/load/DppConfig.java b/fe/fe-core/src/main/java/org/apache/doris/load/DppConfig.java
index e113ce539c..5b15ced9fb 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/load/DppConfig.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/load/DppConfig.java
@@ -408,6 +408,49 @@ public class DppConfig implements Writable {
@Override
public boolean equals(Object obj) {
+ if (obj == null) {
+ return false;
+ }
+
+ if (!(obj instanceof DppConfig)) {
+ return false;
+ }
+
+ DppConfig other = (DppConfig) obj;
+ if (paloPath == null) {
+ if (other.paloPath != null) {
+ return false;
+ }
+ } else {
+ if (!paloPath.equals(other.paloPath)) {
+ return false;
+ }
+ }
+
+ if (httpPort != other.httpPort) {
+ return false;
+ }
+
+ if (hadoopConfigs == null) {
+ if (other.hadoopConfigs != null) {
+ return false;
+ }
+ } else {
+ if (!hadoopConfigs.equals(other.hadoopConfigs)) {
+ return false;
+ }
+ }
+
+ if (priority == null) {
+ if (other.priority != null) {
+ return false;
+ }
+ } else {
+ if (!priority.equals(other.priority)) {
+ return false;
+ }
+ }
+
return true;
}
}
diff --git a/fe/fe-core/src/main/java/org/apache/doris/load/EtlJobInfo.java b/fe/fe-core/src/main/java/org/apache/doris/load/EtlJobInfo.java
index c799d6b337..f0360cb547 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/load/EtlJobInfo.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/load/EtlJobInfo.java
@@ -54,6 +54,16 @@ public class EtlJobInfo implements Writable {
@Override
public boolean equals(Object obj) {
- return true;
+ if (obj == null) {
+ return false;
+ }
+ if (this == obj) {
+ return true;
+ }
+ if (obj instanceof EtlJobInfo) {
+ EtlJobInfo other = (EtlJobInfo) obj;
+ return jobStatus.equals(other.jobStatus);
+ }
+ return false;
}
}
diff --git a/fe/fe-core/src/main/java/org/apache/doris/persist/TableAddOrDropColumnsInfo.java b/fe/fe-core/src/main/java/org/apache/doris/persist/TableAddOrDropColumnsInfo.java
index ad4be3ad9d..c6cdd2ce9e 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/persist/TableAddOrDropColumnsInfo.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/persist/TableAddOrDropColumnsInfo.java
@@ -97,7 +97,7 @@ public class TableAddOrDropColumnsInfo implements Writable {
TableAddOrDropColumnsInfo info = (TableAddOrDropColumnsInfo) obj;
- return (dbId == info.dbId && tableId == tableId
+ return (dbId == info.dbId && tableId == info.tableId
&& indexSchemaMap.equals(info.indexSchemaMap) && indexes.equals(info.indexes)
&& jobId == info.jobId);
}
diff --git a/fe/fe-core/src/main/java/org/apache/doris/persist/TableRenameColumnInfo.java b/fe/fe-core/src/main/java/org/apache/doris/persist/TableRenameColumnInfo.java
index f7a388756d..aec3a56a4f 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/persist/TableRenameColumnInfo.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/persist/TableRenameColumnInfo.java
@@ -85,7 +85,7 @@ public class TableRenameColumnInfo implements Writable {
TableRenameColumnInfo info = (TableRenameColumnInfo) obj;
- return (dbId == info.dbId && tableId == tableId
+ return (dbId == info.dbId && tableId == info.tableId
&& colName.equals(info.colName) && newColName.equals(info.newColName));
}
diff --git a/fe/fe-core/src/main/java/org/apache/doris/planner/SingleNodePlanner.java b/fe/fe-core/src/main/java/org/apache/doris/planner/SingleNodePlanner.java
index 8b27b1e1a3..5a94536483 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/planner/SingleNodePlanner.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/planner/SingleNodePlanner.java
@@ -1712,7 +1712,7 @@ public class SingleNodePlanner {
return;
}
preds.removeAll(pushDownFailedPredicates);
- unassignedConjuncts.remove(preds);
+ unassignedConjuncts.removeAll(preds);
unassignedConjuncts.addAll(pushDownFailedPredicates);
// Remove unregistered predicates that reference the same slot on
diff --git a/fe/fe-core/src/test/java/org/apache/doris/catalog/CatalogTestUtil.java b/fe/fe-core/src/test/java/org/apache/doris/catalog/CatalogTestUtil.java
index 61f5f0d967..0c180e68aa 100644
--- a/fe/fe-core/src/test/java/org/apache/doris/catalog/CatalogTestUtil.java
+++ b/fe/fe-core/src/test/java/org/apache/doris/catalog/CatalogTestUtil.java
@@ -163,7 +163,7 @@ public class CatalogTestUtil {
if (slaveReplica.getBackendId() != masterReplica.getBackendId()
|| slaveReplica.getVersion() != masterReplica.getVersion()
|| slaveReplica.getLastFailedVersion() != masterReplica.getLastFailedVersion()
- || slaveReplica.getLastSuccessVersion() != slaveReplica.getLastSuccessVersion()) {
+ || slaveReplica.getLastSuccessVersion() != masterReplica.getLastSuccessVersion()) {
return false;
}
}
diff --git a/fe/fe-core/src/test/java/org/apache/doris/planner/TableFunctionPlanTest.java b/fe/fe-core/src/test/java/org/apache/doris/planner/TableFunctionPlanTest.java
index b29778a076..029b5c39b1 100644
--- a/fe/fe-core/src/test/java/org/apache/doris/planner/TableFunctionPlanTest.java
+++ b/fe/fe-core/src/test/java/org/apache/doris/planner/TableFunctionPlanTest.java
@@ -459,7 +459,7 @@ public class TableFunctionPlanTest {
String sql = "desc verbose select min(c1) from (select k1 as c1, min(k2) as c2 from db1.tbl1 group by c1) a "
+ "lateral view explode_split(c2, \",\") tmp1 as e1 order by min(c1)";
String errorMsg = UtFrameUtils.getSQLPlanOrErrorMsg(ctx, sql, true);
- errorMsg.equalsIgnoreCase("lateral view as a inline view");
+ Assert.assertTrue(errorMsg.toLowerCase().contains("lateral view as a inline view"));
}
/*
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@doris.apache.org
For additional commands, e-mail: commits-help@doris.apache.org