You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oozie.apache.org by "Artem Ervits (JIRA)" <ji...@apache.org> on 2017/11/13 14:08:00 UTC

[jira] [Created] (OOZIE-3124) address findbugs warnings

Artem Ervits created OOZIE-3124:
-----------------------------------

             Summary: address findbugs warnings
                 Key: OOZIE-3124
                 URL: https://issues.apache.org/jira/browse/OOZIE-3124
             Project: Oozie
          Issue Type: Bug
            Reporter: Artem Ervits
             Fix For: trunk, 5.0.0


{noformat}
-1 There are [125] new bugs found below threshold in total that must be fixed.
. -1 There are [67] new bugs found below threshold in [core] that must be fixed, listing only the first [5] ones.
. You can find the FindBugs diff here (look for the red and orange ones): core/findbugs-new.html
. The top [5] most important FindBugs errors are:
. At EmailActionExecutor.java:[line 267]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. At EmailActionExecutor.java:[line 162]: At EmailActionExecutor.java:[line 160]
. At EmailActionExecutor.java:[line 176]: At EmailActionExecutor.java:[line 171]
. At SshActionExecutor.java:[line 134]: This usage of java/lang/Runtime.exec([Ljava/lang/String;)Ljava/lang/Process; can be vulnerable to Command Injection
. At SshActionExecutor.java:[line 131]: At SshActionExecutor.java:[line 130]
. -1 There are [1] new bugs found below threshold in [server] that must be fixed.
. You can find the FindBugs diff here (look for the red and orange ones): server/findbugs-new.html
. The most important FindBugs errors are:
. At JspHandlerProvider.java:[line 43]: java/io/File.<init>(Ljava/lang/String;Ljava/lang/String;)V reads a file whose location might be specified by user input
. At JspHandlerProvider.java:[line 43]
. -1 There are [8] new bugs found below threshold in [client] that must be fixed, listing only the first [5] ones.
. You can find the FindBugs diff here (look for the red and orange ones): client/findbugs-new.html
. The top [5] most important FindBugs errors are:
. At OozieCLI.java:[line 841]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input: At OozieCLI.java:[line 839]
. At OozieCLI.java:[line 839]: At OozieCLI.java:[line 849]
. At OozieCLI.java:[line 876]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input: At OozieCLI.java:[line 871]
. +1 There are no new bugs found in [docs].
. -1 There are [2] new bugs found below threshold in [examples] that must be fixed.
. You can find the FindBugs diff here (look for the red and orange ones): examples/findbugs-new.html
. The most important FindBugs errors are:
. At LocalOozieExample.java:[line 47]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input: At LocalOozieExample.java:[line 35]
. At LocalOozieExample.java:[line 35]: At LocalOozieExample.java:[line 72]
. -1 There are [2] new bugs found below threshold in [sharelib/hive] that must be fixed.
. You can find the FindBugs diff here (look for the red and orange ones): sharelib/hive/findbugs-new.html
. The most important FindBugs errors are:
. At HiveMain.java:[line 317]: java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. At HiveMain.java:[line 226]: At HiveMain.java:[line 207]
. At HiveMain.java:[line 210]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. At HiveMain.java:[line 207]
. -1 There are [3] new bugs found below threshold in [sharelib/pig] that must be fixed.
. You can find the FindBugs diff here (look for the red and orange ones): sharelib/pig/findbugs-new.html
. The most important FindBugs errors are:
. At PigMain.java:[line 258]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. At PigMain.java:[line 141]: At PigMain.java:[line 131]
. At PigMain.java:[line 245]: At PigMain.java:[line 199]
. At PigMain.java:[line 137]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input: At PigMain.java:[line 131]
. +1 There are no new bugs found in [sharelib/distcp].
. +1 There are no new bugs found in [sharelib/streaming].
. -1 There are [2] new bugs found below threshold in [sharelib/spark] that must be fixed.
. You can find the FindBugs diff here (look for the red and orange ones): sharelib/spark/findbugs-new.html
. The most important FindBugs errors are:
. At SparkMain.java:[line 128]: java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V reads a file whose location might be specified by user input
. java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input: At SparkMain.java:[line 128]
. At SparkMain.java:[line 161]: At SparkMain.java:[line 168]
. At SparkMain.java:[line 167]
. +1 There are no new bugs found in [sharelib/hcatalog].
. +1 There are no new bugs found in [sharelib/sqoop].
. -1 There are [3] new bugs found below threshold in [sharelib/hive2] that must be fixed.
. You can find the FindBugs diff here (look for the red and orange ones): sharelib/hive2/findbugs-new.html
. The most important FindBugs errors are:
. At Hive2Main.java:[line 279]: java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. At Hive2Main.java:[line 165]: At Hive2Main.java:[line 146]
. At Hive2Main.java:[line 149]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. java/io/FileOutputStream.<init>(Ljava/lang/String;)V writes to a file whose location might be specified by user input: At Hive2Main.java:[line 146]
. At Hive2Main.java:[line 118]: At Hive2Main.java:[line 267]
. -1 There are [8] new bugs found below threshold in [sharelib/oozie] that must be fixed, listing only the first [5] ones.
. You can find the FindBugs diff here (look for the red and orange ones): sharelib/oozie/findbugs-new.html
. The top [5] most important FindBugs errors are:
. At LauncherMain.java:[line 471]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. At LauncherMain.java:[line 461]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. At LauncherMain.java:[line 140]: java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input
. java/io/FileReader.<init>(Ljava/lang/String;)V reads a file whose location might be specified by user input: At LauncherMain.java:[line 176]
. At LauncherMain.java:[line 176]: At LauncherMain.java:[line 144]
. -1 There are [29] new bugs found below threshold in [tools] that must be fixed, listing only the first [5] ones.
. You can find the FindBugs diff here (look for the red and orange ones): tools/findbugs-new.html
. The top [5] most important FindBugs errors are:
. At OozieDBCLI.java:[line 548]: java/io/FileWriter.<init>(Ljava/lang/String;Z)V writes to a file whose location might be specified by user input
. At OozieDBCLI.java:[line 126]: At OozieDBCLI.java:[line 122]
. At OozieDBCLI.java:[line 229]: At OozieDBCLI.java:[line 133]
. At OozieDBCLI.java:[line 703]: At OozieDBCLI.java:[line 249]
. At OozieDBCLI.java:[line 577]: java/io/FileWriter.<init>(Ljava/lang/String;Z)V writes to a file whose location might be specified by user input
{noformat}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)