Please review and fix.
Thanks
Bosco
On 10/1/17, 1:07 AM, "scan-ad...@coverity.com" <scan-ad...@coverity.com> wrote:
Hi,
Please find the latest report on new defect(s) introduced to Apache Ranger
found with Coverity Scan.
3 new defect(s) introduced to Apache Ranger found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the
recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 167289: Null pointer dereferences (FORWARD_NULL)
/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java: 373 in
org.apache.ranger.rest.XUserREST.searchXUsers(javax.servlet.http.HttpServletRequest)()
________________________________________________________________________________________________________
*** CID 167289: Null pointer dereferences (FORWARD_NULL)
/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java: 373 in
org.apache.ranger.rest.XUserREST.searchXUsers(javax.servlet.http.HttpServletRequest)()
367 null);
368 searchUtil.extractString(request, searchCriteria,
"userRole", "UserRole", null);
369 if (CollectionUtils.isNotEmpty(userRolesList) &&
CollectionUtils.size(userRolesList) == 1 &&
userRolesList.get(0).equalsIgnoreCase(UserRoleParamName)) {
370 if
(!(searchCriteria.getParamList().containsKey("name"))) {
371 searchCriteria.addParam("name",
userName);
372 }
>>> CID 167289: Null pointer dereferences (FORWARD_NULL)
>>> Calling a method on null object "userName".
373 else if
((searchCriteria.getParamList().containsKey("name")) &&
userName.contains((String) searchCriteria.getParamList().get("name"))) {
374 searchCriteria.addParam("name",
userName);
375 }
376 else {
377 String randomString = new
Random().toString();
378 searchCriteria.addParam("name",
randomString);
** CID 167288: Null pointer dereferences (REVERSE_INULL)
/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java: 357 in
org.apache.ranger.rest.XUserREST.searchXUsers(javax.servlet.http.HttpServletRequest)()
________________________________________________________________________________________________________
*** CID 167288: Null pointer dereferences (REVERSE_INULL)
/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java: 357 in
org.apache.ranger.rest.XUserREST.searchXUsers(javax.servlet.http.HttpServletRequest)()
351
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" +
RangerAPIList.SEARCH_X_USERS + "\")")
352 public VXUserList searchXUsers(@Context HttpServletRequest
request) {
353 String UserRoleParamName = RangerConstants.ROLE_USER;
354 SearchCriteria searchCriteria =
searchUtil.extractCommonCriterias(
355 request, xUserService.sortFields);
356 String userName = null;
>>> CID 167288: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "request" suggests that it may be null, but it has
already been dereferenced on all paths leading to the check.
357 if(request != null && request.getUserPrincipal() !=
null){
358 userName = request.getUserPrincipal().getName();
359 }
360 searchUtil.extractString(request, searchCriteria,
"name", "User name",null);
361 searchUtil.extractString(request, searchCriteria,
"emailAddress", "Email Address",
362 null);
** CID 167287: Null pointer dereferences (FORWARD_NULL)
/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java: 357 in
org.apache.ranger.rest.XUserREST.searchXUsers(javax.servlet.http.HttpServletRequest)()
________________________________________________________________________________________________________
*** CID 167287: Null pointer dereferences (FORWARD_NULL)
/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java: 357 in
org.apache.ranger.rest.XUserREST.searchXUsers(javax.servlet.http.HttpServletRequest)()
351
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" +
RangerAPIList.SEARCH_X_USERS + "\")")
352 public VXUserList searchXUsers(@Context HttpServletRequest
request) {
353 String UserRoleParamName = RangerConstants.ROLE_USER;
354 SearchCriteria searchCriteria =
searchUtil.extractCommonCriterias(
355 request, xUserService.sortFields);
356 String userName = null;
>>> CID 167287: Null pointer dereferences (FORWARD_NULL)
>>> Comparing "request" to null implies that "request" might be null.
357 if(request != null && request.getUserPrincipal() !=
null){
358 userName = request.getUserPrincipal().getName();
359 }
360 searchUtil.extractString(request, searchCriteria,
"name", "User name",null);
361 searchUtil.extractString(request, searchCriteria,
"emailAddress", "Email Address",
362 null);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZSbhom32dlDl11LWEm9nX11zsOWMf5dv3Q9Mogo-2FGua3FsLRTFft2V-2FOFC9o0P2e0-3D_d04ZgyDzSjlwpjXIuOFYDNE6R93Lal83MDClQK32PZsm-2Bqcjy6muRdi7IaDRbjxGxQeQePfeRe863kyD6Ke5gd4t7fouGu2W7Wu-2FXUKAGAQqcUi9b-2BFB9niZsyU830q8pbYU-2FSR56epZabNv5uwh9TqXrfKSM9Q2pDSecCU5tczM0wYx6d-2BZ0IrT-2FGRbkPinN1Ra41zgXKG-2FOhVYCwycIw-3D-3D
To manage Coverity Scan email notifications for "bo...@apache.org", click
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4HK0JLY-2BbZ-2FD0yvjg-2BbWSwquqqdEYtbR9nIDW-2BM81kI8TiABM2LsH3tiPfMWf-2FvOsjZSWngS5IRVC-2FH5Pl4zyaK1OE6Dh-2BhR6pXASEFJKZLM-3D_d04ZgyDzSjlwpjXIuOFYDNE6R93Lal83MDClQK32PZsm-2Bqcjy6muRdi7IaDRbjxGm-2Bop23c-2BtcVvjDZ-2F17HqaMFWBFbvcgJ7DaUe00H-2FxuRDyi2bie4abnJJ9-2Bd8YrvEJScSJ39bm5Lc7LdkzQi-2B7uQlEDkZBu1-2Bm71zvQ8ebi1Yoetga-2BUsaQ7fhZ8Szy4Z1apFHODropFfzxbMaqK3Fw-3D-3D
