You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2021/06/23 16:56:03 UTC
[tomcat] branch 8.5.x updated: Remaining false positives with
latest Eclipse / SpotBugs plugin
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new eeddd3b Remaining false positives with latest Eclipse / SpotBugs plugin
eeddd3b is described below
commit eeddd3b7c7a408fed980f3a4fc20268aa3d0a38b
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Jun 23 17:37:37 2021 +0100
Remaining false positives with latest Eclipse / SpotBugs plugin
---
res/findbugs/filter-false-positives.xml | 125 +++++++++++++++++++++++++++++++-
1 file changed, 123 insertions(+), 2 deletions(-)
diff --git a/res/findbugs/filter-false-positives.xml b/res/findbugs/filter-false-positives.xml
index 6dee97b..c34cbe0 100644
--- a/res/findbugs/filter-false-positives.xml
+++ b/res/findbugs/filter-false-positives.xml
@@ -1634,6 +1634,18 @@
<Bug code="HRS" />
</Match>
<Match>
+ <!-- As an example, this usage is fine -->
+ <Class name="async.Stockticker"/>
+ <Method name="run"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
+ <!-- The Random is re-used -->
+ <Class name="jsp2.examples.simpletag.ShuffleSimpleTag"/>
+ <Method name="doTag"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<!-- Not really unused as it registers itself during construction -->
<Class name="nonblocking.ByteCounter" />
<Method name="doPost" />
@@ -1645,6 +1657,21 @@
<Method name="doGet" />
<Bug pattern="DLS_DEAD_LOCAL_STORE" />
</Match>
+ <Match>
+ <!-- The Random is re-used -->
+ <Class name="num.NumberGuessBean"/>
+ <Method name="reset"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
+ <!-- The Random is re-used -->
+ <Class name="websocket.snake.SnakeAnnotation"/>
+ <Or>
+ <Method name="getRandomHexColor"/>
+ <Method name="getRandomLocation"/>
+ </Or>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
<!-- Generated code -->
@@ -1720,6 +1747,12 @@
<Bug pattern="RV_RETURN_VALUE_IGNORED"/>
</Match>
<Match>
+ <!-- Single use of Random is deliberate -->
+ <Class name="org.apache.catalina.connector.TestSendFile$Bug60409Servlet"/>
+ <Method name="doGet"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<!-- Dead store is deliberate -->
<Or>
<Class name="org.apache.catalina.core.TestAsyncContextImpl$AsyncDispatchUrlWithSpacesServlet"/>
@@ -1798,6 +1831,15 @@
<Bug pattern="RR_NOT_CHECKED"/>
</Match>
<Match>
+ <!-- Not single use -->
+ <Class name="org.apache.catalina.startup.FastNonSecureRandom"/>
+ <Or>
+ <Method name="nextBytes"/>
+ <Method name="setSeed"/>
+ </Or>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<!-- Deliberate hack for the purposes of the test -->
<Class name="org.apache.catalina.startup.TesterServletWithAnnotations"/>
<Or>
@@ -1866,14 +1908,32 @@
</Or>
</Match>
<Match>
+ <!-- Not single use -->
+ <Class name="org.apache.catalina.tribes.demos.LoadTest$LoadMessage"/>
+ <Method name="<clinit>"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<Class name="org.apache.catalina.tribes.demos.LoadTest$SystemExit" />
<Bug code="Dm" />
</Match>
<Match>
+ <!-- Not single use -->
+ <Class name="org.apache.catalina.tribes.demos.MapDemo$SimpleTableDemo" />
+ <Mehtod name="random"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<Class name="org.apache.catalina.tribes.demos.MapDemo$SystemExit" />
<Bug code="Dm" />
</Match>
<Match>
+ <!-- Not single use -->
+ <Class name="org.apache.catalina.tribes.group.TestGroupChannelSenderConnections$TestMsg" />
+ <Method name="<init>"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<Class name="org.apache.catalina.tribes.test.channel.TestChannelOptionFlag" />
<Method name="tearDown" />
<Bug code="DE" />
@@ -1894,10 +1954,40 @@
<Bug code="DE" />
</Match>
<Match>
+ <!-- Not single use -->
+ <Class name="org.apache.catalina.tribes.test.channel.TestDataIntegrity$Data" />
+ <Method name="createRandomData"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
+ <!-- Not single use -->
+ <Class name="org.apache.catalina.tribes.test.channel.TestMulticastPackages$Data" />
+ <Method name="createRandomData"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<Class name="org.apache.catalina.tribes.test.channel.TestRemoteProcessException" />
<Bug code="Nm" />
</Match>
<Match>
+ <!-- Not single use -->
+ <Class name="org.apache.catalina.tribes.test.channel.TestRemoteProcessException" />
+ <Method name="testDataSendSYNCACK"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
+ <!-- Not single use -->
+ <Class name="org.apache.catalina.tribes.test.channel.TestRemoteProcessException$Data" />
+ <Method name="createRandomData"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
+ <!-- Not single use -->
+ <Class name="org.apache.catalina.tribes.test.channel.TestUdpPackages$Data" />
+ <Method name="createRandomData"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<Class name="org.apache.catalina.tribes.test.interceptors.TestNonBlockingCoordinator" />
<Method name="testCoord1" />
<Bug code="DE" />
@@ -1984,18 +2074,30 @@
<Bug pattern="ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD"/>
</Match>
<Match>
- <!-- Test code - and e3choing a header should be safe anyway -->
+ <!-- Test code - and echoing a header should be safe anyway -->
<Class name="org.apache.coyote.http11.upgrade.TestUpgrade$UpgradeServlet"/>
<Method name="doGet"/>
<Bug pattern="HRS_REQUEST_PARAMETER_TO_HTTP_HEADER"/>
</Match>
<Match>
+ <!-- Single use is OK for this test -->
+ <Class name="org.apache.coyote.http2.Http2TestBase$LargeHeaderServlet" />
+ <Method name="doGet"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<!-- Latch isn't essential so no need to check return -->
<Class name="org.apache.coyote.http2.TestAsyncTimeout"/>
<Method name="testTimeout"/>
<Bug pattern="RV_RETURN_VALUE_IGNORED"/>
</Match>
<Match>
+ <!-- Single use is OK for this test -->
+ <Class name="org.apache.coyote.http2.TestHttp2Limits" />
+ <Method name="doTestHeaderLimits"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<!-- Result is negated to compare result when order is reversed -->
<Class name="org.apache.el.TestELEvaluation" />
<Method name="compareBoth" />
@@ -2017,6 +2119,12 @@
<Bug pattern="IS2_INCONSISTENT_SYNC" />
</Match>
<Match>
+ <!-- Not single use -->
+ <Class name="org.apache.juli.TestClassLoaderLogManager$LoggerCreateThread" />
+ <Method name="run"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE"/>
+ </Match>
+ <Match>
<!-- Field set via injection-->
<Class name="org.apache.naming.TesterInjectionServlet" />
<Or>
@@ -2041,6 +2149,12 @@
<Bug code="ST" />
</Match>
<Match>
+ <!-- The name random is reused -->
+ <Class name="org.apache.tomcat.jdbc.test.CreateTestTable" />
+ <Method name="getRandom"/>
+ <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE" />
+ </Match>
+ <Match>
<!-- The name shadowing is deliberate -->
<Or>
<Class name="org.apache.tomcat.jdbc.test.driver.Connection" />
@@ -2057,7 +2171,7 @@
<Bug pattern="RV_RETURN_VALUE_IGNORED" />
</Match>
<Match>
- <!-- A number of the tests incude performance tests -->
+ <!-- A number of the tests include performance tests -->
<Class name="org.apache.tomcat.jdbc.test.DefaultTestCase" />
<Method name="tearDown" />
<Bug pattern="DM_GC" />
@@ -2169,6 +2283,13 @@
<Bug pattern="RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT" />
</Match>
<Match>
+ <!-- Have to do this to get the set of scanned classes as we only
+ provide the SCI class name not an SCI instance. -->
+ <Class name="org.apache.tomcat.util.scan.FooSCI"/>
+ <Mehtod name="onStartup"/>
+ <Bug pattern="ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD"/>
+ </Match>
+ <Match>
<Class name="org.apache.tomcat.util.threads.TestLimitLatch" />
<Or>
<Method name="waitForThreadToStop" />
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org