FW: New Defects reported by Coverity Scan for Apache Ranger

Thu, 03 May 2018 17:30:05 -0700 

Please review and fix if required.

Thanks

Bosco


On 4/26/18, 3:58 AM, "scan-ad...@coverity.com" <scan-ad...@coverity.com> wrote:

    Hi,
    
    Please find the latest report on new defect(s) introduced to Apache Ranger 
found with Coverity Scan.
    
    2 new defect(s) introduced to Apache Ranger found with Coverity Scan.
    1 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.
    
    New defect(s) Reported-by: Coverity Scan
    Showing 2 of 2 defect(s)
    
    
    ** CID 175488:  Concurrent data access violations  (GUARDED_BY_VIOLATION)
    
/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java:
 100 in 
org.apache.ranger.audit.provider.AuditProviderFactory.getAuditProvider()()
    
    
    
________________________________________________________________________________________________________
    *** CID 175488:  Concurrent data access violations  (GUARDED_BY_VIOLATION)
    
/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java:
 100 in 
org.apache.ranger.audit.provider.AuditProviderFactory.getAuditProvider()()
    94                  }
    95     
    96                  return ret;
    97          }
    98     
    99          public AuditHandler getAuditProvider() {
    >>>     CID 175488:  Concurrent data access violations  
(GUARDED_BY_VIOLATION)
    >>>     Accessing "mProvider" without holding lock 
"AuditProviderFactory.this". Elsewhere, 
"org.apache.ranger.audit.provider.AuditProviderFactory.mProvider" is accessed 
with "AuditProviderFactory.this" held 12 out of 14 times.
    100                 return mProvider;
    101         }
    102     
    103         public boolean isInitDone() {
    104                 return mInitDone;
    105         }
    
    ** CID 175487:  Concurrent data access violations  (GUARDED_BY_VIOLATION)
    
/agents-audit/src/main/java/org/apache/ranger/audit/provider/StandAloneAuditProviderFactory.java:
 30 in 
org.apache.ranger.audit.provider.StandAloneAuditProviderFactory.getInstance()()
    
    
    
________________________________________________________________________________________________________
    *** CID 175487:  Concurrent data access violations  (GUARDED_BY_VIOLATION)
    
/agents-audit/src/main/java/org/apache/ranger/audit/provider/StandAloneAuditProviderFactory.java:
 30 in 
org.apache.ranger.audit.provider.StandAloneAuditProviderFactory.getInstance()()
    24     public class StandAloneAuditProviderFactory extends 
AuditProviderFactory {
    25          private static final Log LOG = 
LogFactory.getLog(StandAloneAuditProviderFactory.class);
    26     
    27          private volatile static StandAloneAuditProviderFactory sFactory 
= null;
    28     
    29          public static StandAloneAuditProviderFactory getInstance() {
    >>>     CID 175487:  Concurrent data access violations  
(GUARDED_BY_VIOLATION)
    >>>     Accessing 
"org.apache.ranger.audit.provider.StandAloneAuditProviderFactory.sFactory" 
without holding lock "StandAloneAuditProviderFactory.class". Elsewhere, 
"org.apache.ranger.audit.provider.StandAloneAuditProviderFactory.sFactory" is 
accessed with "StandAloneAuditProviderFactory.class" held 2 out of 3 times.
    30                  StandAloneAuditProviderFactory ret = sFactory;
    31                  if(ret == null) {
    32                          
synchronized(StandAloneAuditProviderFactory.class) {
    33                                  ret = sFactory;
    34                                  if(ret == null) {
    35                                          ret = sFactory = new 
StandAloneAuditProviderFactory();
    
    
    
________________________________________________________________________________________________________
    To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRZSbhom32dlDl11LWEm9nX11zsOWMf5dv3Q9Mogo-2FGua3FsLRTFft2V-2FOFC9o0P2e0-3D_d04ZgyDzSjlwpjXIuOFYDNE6R93Lal83MDClQK32PZsLhPfb3E6V5V-2Bwt8Adm86gM2cnAZ2hrO1Y-2F6us8dR3EF7fY8Tws4-2F0PXD-2BEipSC1NtRVGpgdtz2N0uvJ-2FS49EzG4i1MBSZ5Et7ycsWxCks7WU5ImW8FlANWFHxs7qzHVhm2At1G5boP5hlATiOo8dt1-2FEdUVyWaaPJjUSCSXXoLQ-3D-3D
    
      To manage Coverity Scan email notifications for "bo...@apache.org", click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4HK0JLY-2BbZ-2FD0yvjg-2BbWSwquqqdEYtbR9nIDW-2BM81kI8TiABM2LsH3tiPfMWf-2FvOsjZSWngS5IRVC-2FH5Pl4zyaK1OE6Dh-2BhR6pXASEFJKZLM-3D_d04ZgyDzSjlwpjXIuOFYDNE6R93Lal83MDClQK32PZsLhPfb3E6V5V-2Bwt8Adm86glScWFQ9LnZJXWPMF2H6d1JXfJmfwJ5-2FAytpNDdIltC-2FC-2BbdAHtk1gEX94Xtx3XqWvAS6yKrJasMe644B9Q2KB2dkxjOP4Xhgw95pyOdRbrpET3pZbO4grNVDrVc2gXjNKSni-2F1bN3pUJ0x82uAqwlQ-3D-3D

Reply via email to