You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2021/01/26 14:34:59 UTC

[tomcat] branch 8.5.x updated: Update false positives

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
     new 5ace871  Update false positives
5ace871 is described below

commit 5ace87126fd3c635d14366559999258b75f379c4
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Jan 26 14:26:52 2021 +0000

    Update false positives
---
 res/findbugs/filter-false-positives.xml | 34 +++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/res/findbugs/filter-false-positives.xml b/res/findbugs/filter-false-positives.xml
index 19aab07..da428e8 100644
--- a/res/findbugs/filter-false-positives.xml
+++ b/res/findbugs/filter-false-positives.xml
@@ -301,6 +301,12 @@
     <Pattern code="VO_VOLATILE_INCREMENT" />
   </Match>
   <Match>
+    <!-- Thread never executed so empty run method not an issue -->
+    <Class name="org.apache.catalina.loader.WebappClassLoaderBase" />
+    <Method name="clearReferences" />
+    <Bug pattern="DM_USELESS_THREAD" />
+  </Match>
+  <Match>
     <!-- Field is only modified during Servlet load -->
     <Class name="org.apache.catalina.manager.host.HostManagerServlet" />
     <Bug code="MSF" />
@@ -431,6 +437,34 @@
   <Match>
     <!-- Non-constant strings are configuration settings rather than client
          supplied -->
+    <Class name="org.apache.catalina.session.DataSourceStore" />
+    <Or>
+      <Method name="clear" />
+      <Method name="getSize" />
+      <Method name="keys" />
+      <Method name="load" />
+      <Method name="remove" />
+      <Method name="save" />
+    </Or>
+    <Bug pattern="SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING" />
+  </Match>
+  <Match>
+    <!-- Non-constant strings are configuration settings rather than client
+         supplied -->
+    <Class name="org.apache.catalina.session.DataSourceStore" />
+    <Or>
+      <Method name="clear" />
+      <Method name="getSize" />
+      <Method name="keys" />
+      <Method name="load" />
+      <Method name="remove" />
+      <Method name="save" />
+    </Or>
+    <Bug pattern="SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING" />
+  </Match>
+  <Match>
+    <!-- Non-constant strings are configuration settings rather than client
+         supplied -->
     <Class name="org.apache.catalina.session.JDBCStore" />
     <Or>
       <Method name="clear" />


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org