[ https://issues.apache.org/jira/browse/OOZIE-3124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andras Salamon updated OOZIE-3124: ---------------------------------- Fix Version/s: (was: 5.2.0) > address findbugs warnings > ------------------------- > > Key: OOZIE-3124 > URL: https://issues.apache.org/jira/browse/OOZIE-3124 > Project: Oozie > Issue Type: Bug > Reporter: Artem Ervits > Priority: Major > > {noformat} > -1 There are [125] new bugs found below threshold in total that must be fixed. > . -1 There are [67] new bugs found below threshold in [core] that must be > fixed, listing only the first [5] ones. > . You can find the FindBugs diff here (look for the red and orange ones): > core/findbugs-new.html > . The top [5] most important FindBugs errors are: > . At EmailActionExecutor.java:[line 267]: > java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be > specified by user input > . At EmailActionExecutor.java:[line 162]: At EmailActionExecutor.java:[line > 160] > . At EmailActionExecutor.java:[line 176]: At EmailActionExecutor.java:[line > 171] > . At SshActionExecutor.java:[line 134]: This usage of > java/lang/Runtime.exec([Ljava/lang/String;)Ljava/lang/Process; can be > vulnerable to Command Injection > . At SshActionExecutor.java:[line 131]: At SshActionExecutor.java:[line 130] > . -1 There are [1] new bugs found below threshold in [server] that must be > fixed. > . You can find the FindBugs diff here (look for the red and orange ones): > server/findbugs-new.html > . The most important FindBugs errors are: > . At JspHandlerProvider.java:[line 43]: > java/io/File.<init>(Ljava/lang/String;Ljava/lang/String;)V reads a file whose > location might be specified by user input > . At JspHandlerProvider.java:[line 43] > . -1 There are [8] new bugs found below threshold in [client] that must be > fixed, listing only the first [5] ones. > . You can find the FindBugs diff here (look for the red and orange ones): > client/findbugs-new.html > . The top [5] most important FindBugs errors are: > . At OozieCLI.java:[line 841]: java/io/File.<init>(Ljava/lang/String;)V reads > a file whose location might be specified by user input > . java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose > location might be specified by user input: At OozieCLI.java:[line 839] > . At OozieCLI.java:[line 839]: At OozieCLI.java:[line 849] > . At OozieCLI.java:[line 876]: java/io/File.<init>(Ljava/lang/String;)V reads > a file whose location might be specified by user input > . java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might > be specified by user input: At OozieCLI.java:[line 871] > . +1 There are no new bugs found in [docs]. > . -1 There are [2] new bugs found below threshold in [examples] that must be > fixed. > . You can find the FindBugs diff here (look for the red and orange ones): > examples/findbugs-new.html > . The most important FindBugs errors are: > . At LocalOozieExample.java:[line 47]: > java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be > specified by user input > . java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose > location might be specified by user input: At LocalOozieExample.java:[line 35] > . At LocalOozieExample.java:[line 35]: At LocalOozieExample.java:[line 72] > . -1 There are [2] new bugs found below threshold in [sharelib/hive] that > must be fixed. > . You can find the FindBugs diff here (look for the red and orange ones): > sharelib/hive/findbugs-new.html > . The most important FindBugs errors are: > . At HiveMain.java:[line 317]: > java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose > location might be specified by user input > . At HiveMain.java:[line 226]: At HiveMain.java:[line 207] > . At HiveMain.java:[line 210]: java/io/File.<init>(Ljava/lang/String;)V reads > a file whose location might be specified by user input > . At HiveMain.java:[line 207] > . -1 There are [3] new bugs found below threshold in [sharelib/pig] that must > be fixed. > . You can find the FindBugs diff here (look for the red and orange ones): > sharelib/pig/findbugs-new.html > . The most important FindBugs errors are: > . At PigMain.java:[line 258]: java/io/File.<init>(Ljava/lang/String;)V reads > a file whose location might be specified by user input > . At PigMain.java:[line 141]: At PigMain.java:[line 131] > . At PigMain.java:[line 245]: At PigMain.java:[line 199] > . At PigMain.java:[line 137]: java/io/File.<init>(Ljava/lang/String;)V reads > a file whose location might be specified by user input > . java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might > be specified by user input: At PigMain.java:[line 131] > . +1 There are no new bugs found in [sharelib/distcp]. > . +1 There are no new bugs found in [sharelib/streaming]. > . -1 There are [2] new bugs found below threshold in [sharelib/spark] that > must be fixed. > . You can find the FindBugs diff here (look for the red and orange ones): > sharelib/spark/findbugs-new.html > . The most important FindBugs errors are: > . At SparkMain.java:[line 128]: > java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V reads a file whose > location might be specified by user input > . java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might > be specified by user input: At SparkMain.java:[line 128] > . At SparkMain.java:[line 161]: At SparkMain.java:[line 168] > . At SparkMain.java:[line 167] > . +1 There are no new bugs found in [sharelib/hcatalog]. > . +1 There are no new bugs found in [sharelib/sqoop]. > . -1 There are [3] new bugs found below threshold in [sharelib/hive2] that > must be fixed. > . You can find the FindBugs diff here (look for the red and orange ones): > sharelib/hive2/findbugs-new.html > . The most important FindBugs errors are: > . At Hive2Main.java:[line 279]: > java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose > location might be specified by user input > . At Hive2Main.java:[line 165]: At Hive2Main.java:[line 146] > . At Hive2Main.java:[line 149]: java/io/File.<init>(Ljava/lang/String;)V > reads a file whose location might be specified by user input > . java/io/FileOutputStream.<init>(Ljava/lang/String;)V writes to a file whose > location might be specified by user input: At Hive2Main.java:[line 146] > . At Hive2Main.java:[line 118]: At Hive2Main.java:[line 267] > . -1 There are [8] new bugs found below threshold in [sharelib/oozie] that > must be fixed, listing only the first [5] ones. > . You can find the FindBugs diff here (look for the red and orange ones): > sharelib/oozie/findbugs-new.html > . The top [5] most important FindBugs errors are: > . At LauncherMain.java:[line 471]: java/io/File.<init>(Ljava/lang/String;)V > reads a file whose location might be specified by user input > . At LauncherMain.java:[line 461]: java/io/File.<init>(Ljava/lang/String;)V > reads a file whose location might be specified by user input > . At LauncherMain.java:[line 140]: java/io/File.<init>(Ljava/lang/String;)V > reads a file whose location might be specified by user input > . java/io/FileReader.<init>(Ljava/lang/String;)V reads a file whose location > might be specified by user input: At LauncherMain.java:[line 176] > . At LauncherMain.java:[line 176]: At LauncherMain.java:[line 144] > . -1 There are [29] new bugs found below threshold in [tools] that must be > fixed, listing only the first [5] ones. > . You can find the FindBugs diff here (look for the red and orange ones): > tools/findbugs-new.html > . The top [5] most important FindBugs errors are: > . At OozieDBCLI.java:[line 548]: > java/io/FileWriter.<init>(Ljava/lang/String;Z)V writes to a file whose > location might be specified by user input > . At OozieDBCLI.java:[line 126]: At OozieDBCLI.java:[line 122] > . At OozieDBCLI.java:[line 229]: At OozieDBCLI.java:[line 133] > . At OozieDBCLI.java:[line 703]: At OozieDBCLI.java:[line 249] > . At OozieDBCLI.java:[line 577]: > java/io/FileWriter.<init>(Ljava/lang/String;Z)V writes to a file whose > location might be specified by user input > {noformat} -- This message was sent by Atlassian JIRA (v7.6.3#76005)