Contributors/Committers, Please review and fix as appropriate.
Thanks! On 9/21/17, 12:35 AM, "[email protected]" <[email protected]> wrote: > >Hi, > >Please find the latest report on new defect(s) introduced to Apache >Ranger found with Coverity Scan. > >9 new defect(s) introduced to Apache Ranger found with Coverity Scan. >3 defect(s), reported by Coverity Scan earlier, were marked fixed in the >recent build analyzed by Coverity Scan. > >New defect(s) Reported-by: Coverity Scan >Showing 9 of 9 defect(s) > > >** CID 167209: FindBugs: Bad practice (FB.DM_EXIT) >/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUse >rSearchUtil.java: 159 in >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.getUsersBasedOnRol >e(java.util.List)() > > >__________________________________________________________________________ >______________________________ >*** CID 167209: FindBugs: Bad practice (FB.DM_EXIT) >/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUse >rSearchUtil.java: 159 in >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.getUsersBasedOnRol >e(java.util.List)() >153 } >154 } >155 } >156 if (MapUtils.isEmpty( >roleSysAdminMap) && MapUtils.isEmpty(roleKeyAdminMap) && >MapUtils.isEmpty(roleUserMap)) { >157 System.out.println("users >with given user role are not there"); >158 logger.error("users with >given user role are not there"); >>>> CID 167209: FindBugs: Bad practice (FB.DM_EXIT) >>>> >>>>org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.getUsersBasedOn >>>>Role(List) invokes System.exit(...), which shuts down the entire >>>>virtual machine. >159 System.exit(1); >160 } else { >161 if >(!MapUtils.isEmpty(roleSysAdminMap)) { >162 for (String key : >roleSysAdminMap.keySet()) { >163 >System.out.println(roleSysAdminMap.get(key) + " : " + key); >164 } > >** CID 167208: Incorrect expression (USELESS_CALL) > > >__________________________________________________________________________ >______________________________ >*** CID 167208: Incorrect expression (USELESS_CALL) >/security-admin/src/test/java/org/apache/ranger/patch/cliutil/TestRoleBase >dUserSearchUtil.java: 89 in >org.apache.ranger.patch.cliutil.TestRoleBasedUserSearchUtil.TestGetUsersBa >sedOnRole()() >83 >84 >Mockito.when(daoMgr.getXXPortalUser()).thenReturn(xXPortalUserDao); >85 >Mockito.when(xXPortalUserDao.findByRole(RangerConstants.ROLE_SYS_ADMIN)).t >henReturn(listXXPortalUser); >86 >87 >roleBasedUserSearchUtil.getUsersBasedOnRole(userRoleList); >88 >>>> CID 167208: Incorrect expression (USELESS_CALL) >>>> Calling >>>>"(org.apache.ranger.db.RangerDaoManager)org.mockito.Mockito.verify(daoM >>>>gr).getXXPortalUser()" is only useful for its return value, which is >>>>ignored. >89 Mockito.verify(daoMgr).getXXPortalUser(); >90 >Mockito.verify(xXPortalUserDao).findByRole(RangerConstants.ROLE_SYS_ADMIN) >; >91 >92 } catch(Exception e) { >93 fail("test failed due to: " + e.getMessage()); >94 } > >** CID 167207: FindBugs: Internationalization (FB.DM_DEFAULT_ENCODING) >/knox-agent/src/test/java/org/apache/ranger/services/knox/RangerAdminClien >tImpl.java: 63 in >org.apache.ranger.services.knox.RangerAdminClientImpl.getServicePoliciesIf >Updated(long, long)() > > >__________________________________________________________________________ >______________________________ >*** CID 167207: FindBugs: Internationalization (FB.DM_DEFAULT_ENCODING) >/knox-agent/src/test/java/org/apache/ranger/services/knox/RangerAdminClien >tImpl.java: 63 in >org.apache.ranger.services.knox.RangerAdminClientImpl.getServicePoliciesIf >Updated(long, long)() >57 basedir = new File(".").getCanonicalPath(); >58 } >59 >60 java.nio.file.Path cachePath = >FileSystems.getDefault().getPath(basedir, "/src/test/resources/" + >cacheFilename); >61 byte[] cacheBytes = Files.readAllBytes(cachePath); >62 >>>> CID 167207: FindBugs: Internationalization >>>>(FB.DM_DEFAULT_ENCODING) >>>> Found reliance on default encoding: new String(byte[]). >63 return gson.fromJson(new String(cacheBytes), >ServicePolicies.class); >64 } >65 >66 public void grantAccess(GrantRevokeRequest request) throws >Exception { >67 >68 } > >** CID 167206: Incorrect expression (USELESS_CALL) > > >__________________________________________________________________________ >______________________________ >*** CID 167206: Incorrect expression (USELESS_CALL) >/security-admin/src/test/java/org/apache/ranger/patch/cliutil/TestRoleBase >dUserSearchUtil.java: 132 in >org.apache.ranger.patch.cliutil.TestRoleBasedUserSearchUtil.TestValidateUs >erAndFetchUserList()() >126 >Mockito.when(xXPortalUserDao.findByRole(Mockito.anyString())).thenReturn(l >istXXPortalUser); >127 >128 roleBasedUserSearchUtil.validateUserAndFetchUserList(); >129 Mockito.verify(daoMgr, >Mockito.atLeast(2)).getXXPortalUser(); >130 >Mockito.verify(xXPortalUserDao).findByLoginId(Mockito.anyString()); >131 >Mockito.verify(xUserService).getXUserByUserName(xxPortalUser.getLoginId()) >; >>>> CID 167206: Incorrect expression (USELESS_CALL) >>>> Calling >>>>"(org.apache.ranger.db.RangerDaoManager)org.mockito.Mockito.verify(daoM >>>>gr).getXXModuleDef()" is only useful for its return value, which is >>>>ignored. >132 Mockito.verify(daoMgr).getXXModuleDef(); >133 >Mockito.verify(xXModuleDefDao).findAccessibleModulesByUserId(Mockito.anyLo >ng(), Mockito.anyLong()); >134 >Mockito.verify(userMgr).encrypt(Mockito.anyString(),Mockito.anyString()); >135 Mockito.verify(xXPortalUserDao, >Mockito.atLeast(2)).findByRole(Mockito.anyString()); >136 >137 } >138 > >** CID 167205: Incorrect expression (USELESS_CALL) > > >__________________________________________________________________________ >______________________________ >*** CID 167205: Incorrect expression (USELESS_CALL) >/security-admin/src/test/java/org/apache/ranger/patch/cliutil/TestRoleBase >dUserSearchUtil.java: 129 in >org.apache.ranger.patch.cliutil.TestRoleBasedUserSearchUtil.TestValidateUs >erAndFetchUserList()() >123 >Mockito.when(daoMgr.getXXModuleDef()).thenReturn(xXModuleDefDao); >124 >Mockito.when(xXModuleDefDao.findAccessibleModulesByUserId(Mockito.anyLong( >), Mockito.anyLong())).thenReturn(permissionList); >125 >Mockito.when(userMgr.encrypt(Mockito.anyString(),Mockito.anyString())).the >nReturn(currentEncryptedPassword); >126 >Mockito.when(xXPortalUserDao.findByRole(Mockito.anyString())).thenReturn(l >istXXPortalUser); >127 >128 roleBasedUserSearchUtil.validateUserAndFetchUserList(); >>>> CID 167205: Incorrect expression (USELESS_CALL) >>>> Calling >>>>"(org.apache.ranger.db.RangerDaoManager)org.mockito.Mockito.verify(daoM >>>>gr, org.mockito.Mockito.atLeast(2)).getXXPortalUser()" is only useful >>>>for its return value, which is ignored. >129 Mockito.verify(daoMgr, >Mockito.atLeast(2)).getXXPortalUser(); >130 >Mockito.verify(xXPortalUserDao).findByLoginId(Mockito.anyString()); >131 >Mockito.verify(xUserService).getXUserByUserName(xxPortalUser.getLoginId()) >; >132 Mockito.verify(daoMgr).getXXModuleDef(); >133 >Mockito.verify(xXModuleDefDao).findAccessibleModulesByUserId(Mockito.anyLo >ng(), Mockito.anyLong()); >134 >Mockito.verify(userMgr).encrypt(Mockito.anyString(),Mockito.anyString()); > >** CID 167204: Null pointer dereferences (NULL_RETURNS) >/knox-agent/src/test/java/org/apache/ranger/services/knox/KnoxRangerTest.j >ava: 151 in >org.apache.ranger.services.knox.KnoxRangerTest.createTopology()() > > >__________________________________________________________________________ >______________________________ >*** CID 167204: Null pointer dereferences (NULL_RETURNS) >/knox-agent/src/test/java/org/apache/ranger/services/knox/KnoxRangerTest.j >ava: 151 in >org.apache.ranger.services.knox.KnoxRangerTest.createTopology()() >145 /** >146 * Creates a topology that is deployed to the gateway >instance for the test suite. >147 * Note that this topology is shared by all of the test >methods in this suite. >148 * @return A populated XML structure for a topology file. >149 */ >150 private static XMLTag createTopology() { >>>> CID 167204: Null pointer dereferences (NULL_RETURNS) >>>> Calling a method on null object >>>>"org.apache.ranger.services.knox.KnoxRangerTest.ldapTransport.getAccept >>>>or()". >151 XMLTag xml = XMLDoc.newDocument( true ) >152 .addRoot( "topology" ) >153 .addTag( "gateway" ) >154 .addTag( "provider" ) >155 .addTag( "role" ).addText( "webappsec" ) >156 .addTag("name").addText("WebAppSec") > >** CID 167203: FindBugs: Bad practice >(FB.RV_RETURN_VALUE_IGNORED_BAD_PRACTICE) >/knox-agent/src/test/java/org/apache/ranger/services/knox/KnoxRangerTest.j >ava: 125 in >org.apache.ranger.services.knox.KnoxRangerTest.setupGateway()() > > >__________________________________________________________________________ >______________________________ >*** CID 167203: FindBugs: Bad practice >(FB.RV_RETURN_VALUE_IGNORED_BAD_PRACTICE) >/knox-agent/src/test/java/org/apache/ranger/services/knox/KnoxRangerTest.j >ava: 125 in >org.apache.ranger.services.knox.KnoxRangerTest.setupGateway()() >119 config.setGatewayServicesDir(targetDir.getPath() + >File.separator + "services"); >120 >121 File topoDir = new File( config.getGatewayTopologyDir() ); >122 topoDir.mkdirs(); >123 >124 File deployDir = new File( >config.getGatewayDeploymentDir() ); >>>> CID 167203: FindBugs: Bad practice >>>>(FB.RV_RETURN_VALUE_IGNORED_BAD_PRACTICE) >>>> Another occurrence here >125 deployDir.mkdirs(); >126 >127 File descriptor = new File( topoDir, "cluster.xml" ); >128 FileOutputStream stream = new FileOutputStream( >descriptor ); >129 createTopology().toStream( stream ); >130 stream.close(); > >** CID 167202: FindBugs: Bad practice (FB.DM_EXIT) >/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUse >rSearchUtil.java: 268 in >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.validateUserAndFet >chUserList()() > > >__________________________________________________________________________ >______________________________ >*** CID 167202: FindBugs: Bad practice (FB.DM_EXIT) >/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUse >rSearchUtil.java: 268 in >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.validateUserAndFet >chUserList()() >262 logger.error("Getting User's List >with the mentioned role failure. Detail: \n",e); >263 System.exit(1); >264 } >265 } else { >266 System.out.println("User does not exist >in DB!!"); >267 logger.error("User does not exist in DB"); >>>> CID 167202: FindBugs: Bad practice (FB.DM_EXIT) >>>> Another occurrence here >268 System.exit(1); >269 } >270 } > >** CID 167201: FindBugs: Performance (FB.WMI_WRONG_MAP_ITERATOR) >/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUse >rSearchUtil.java: 173 in >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.getUsersBasedOnRol >e(java.util.List)() > > >__________________________________________________________________________ >______________________________ >*** CID 167201: FindBugs: Performance (FB.WMI_WRONG_MAP_ITERATOR) >/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUse >rSearchUtil.java: 173 in >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.getUsersBasedOnRol >e(java.util.List)() >167 for (String key : >roleKeyAdminMap.keySet()) { >168 >System.out.println(roleKeyAdminMap.get(key) + " : " + key); >169 } >170 } >171 if >(!MapUtils.isEmpty(roleUserMap)) { >172 for (String key : >roleUserMap.keySet()) { >>>> CID 167201: FindBugs: Performance (FB.WMI_WRONG_MAP_ITERATOR) >>>> Another occurrence here >173 >System.out.println(roleUserMap.get(key) + " : " + key); >174 } >175 } >176 if >(userRoleList.contains(RangerConstants.ROLE_SYS_ADMIN)) { >177 >System.out.println("ROLE_SYS_ADMIN Total Count : " + >roleSysAdminMap.size()); >178 } > > >__________________________________________________________________________ >______________________________ >To view the defects in Coverity Scan visit, >https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V >05UPxvVjWch-2Bd2MGckcRZSbhom32dlDl11LWEm9nX11zsOWMf5dv3Q9Mogo-2FGua3FsLRTF >ft2V-2FOFC9o0P2e0-3D_eYGgfjRVvnymu7-2Fg39LOcg-2Fwh01uR5A1l1-2BVcR3oH7pM-2F >BtyNXoM4dIBzKwHlbDYw5bsQYgnbUmUHQnzAV04-2F2xz-2FfZ-2BVjbh7vlB6nJK2NBqeybiJ >WWdK66K2mzeUcqxy8ZTU4tC-2B-2BLIhUJbqctcbHdUNiLof6a-2FPdOttSUvrknbX90rT-2Bh >Cxep13Mnm2vkrnwuonBGtRfRirTU-2BJRc-2BuU488-2BXbE-2B5uMJveoRThKNo-3D > >To manage Coverity Scan email notifications for >"[email protected]", click >https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V >05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4rq896qxTW4IjcOjjCxcjhdwy7bkx >0GaYF4jcZRTENcC8UedPeL4l2t0VBzV197ihjH14Ve5jAkEZTKufdAcDuKGDIx74O-2BWzK0Pb >pXpwQLY-3D_eYGgfjRVvnymu7-2Fg39LOcg-2Fwh01uR5A1l1-2BVcR3oH7pM-2FBtyNXoM4dI >BzKwHlbDYw5bsQYgnbUmUHQnzAV04-2F3tyQ0lMxHlzYVsCwh-2F90iyU254AUBBkyvH0W6mX3 >I3XgJbDfqeNmJNVTJrOEZ9bzZL4dfjrvISowcrcB5LjqqRS8no5UFDti7fsHevc3cgcFQ95cOq >dmOixDFacCxxkEShFxwJtrNVpdXnWXt1OOEI-3D >
