[ https://issues.apache.org/jira/browse/CASSANDRA-12542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15578382#comment-15578382 ]
Amit Deshpande commented on CASSANDRA-12542:
--------------------------------------------

https://github.com/apache/cassandra/pull/76/files ready with fix

> Portability Flaw: Locale Dependent Comparison
> ---------------------------------------------
>
>                 Key: CASSANDRA-12542
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-12542
>             Project: Cassandra
>          Issue Type: Sub-task
>            Reporter: Eduardo Aguinaga
>            Priority: Trivial
>
> Overview:
> In May through June of 2016 a static analysis was performed on version 3.0.5
> of the Cassandra source code. The analysis included an automated analysis
> using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools
> Understand v4. The results of that analysis include the issue below.
> Issue:
> In the file SpeculativeRetryParam.java on lines 91 and 103 there are
> portability problems with the call to toLowerCase() because it has different
> locales which may lead to unexpected output. This may also circumvent custom
> validation routines.
> SpeculativeRetryParam.java, lines 91-101:
> {code:java}
> 091 if (value.toLowerCase().endsWith("ms"))
> 092 {
> 093     try
> 094     {
> 095         return custom(Double.parseDouble(value.substring(0, value.length() - "ms".length())));
> 096     }
> 097     catch (IllegalArgumentException e)
> 098     {
> 099         throw new ConfigurationException(format("Invalid value %s for option '%s'", value, TableParams.Option.SPECULATIVE_RETRY));
> 100     }
> 101 }
> {code}
> SpeculativeRetryParam.java, lines 103-121:
> {code:java}
> 103 if (value.toUpperCase().endsWith(Kind.PERCENTILE.toString()))
> 104 {
> 105     double threshold;
> 106     try
> 107     {
> 108         threshold = Double.parseDouble(value.substring(0, value.length() - Kind.PERCENTILE.toString().length()));
> 109     }
> 110     catch (IllegalArgumentException e)
> 111     {
> 112         throw new ConfigurationException(format("Invalid value %s for option '%s'", value, TableParams.Option.SPECULATIVE_RETRY));
> 113     }
> 114
> 115     if (threshold >= 0.0 && threshold <= 100.0)
> 116         return percentile(threshold);
> 117
> 118     throw new ConfigurationException(format("Invalid value %s for PERCENTILE option '%s': must be between 0.0 and 100.0",
> 119                                             value,
> 120                                             TableParams.Option.SPECULATIVE_RETRY));
> 121 }
> {code}

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
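
Added example, not part of the JIRA message or the Cassandra code base: a stand-alone Java program that reproduces the locale-dependent suffix check from line 103 of the quoted code. Under a Turkish default locale the lowercase `i` upper-cases to the dotted `İ` (U+0130), so the suffix comparison against `PERCENTILE` stops matching. The class name, the helper methods, the sample value and the use of `Locale.ROOT` as the remedy are assumptions made for illustration; the message does not say which locale the linked fix uses.

```java
import java.util.Locale;

public class LocaleSuffixDemo
{
    // Hypothetical stand-in for Kind.PERCENTILE.toString() in the quoted code.
    static final String PERCENTILE = "PERCENTILE";

    // Same shape as line 103: case-folds with the JVM's default locale.
    static boolean matchesWithDefaultLocale(String value)
    {
        return value.toUpperCase().endsWith(PERCENTILE);
    }

    // Locale-independent variant (assumed remedy): fold with Locale.ROOT so the
    // result does not depend on where the JVM is running.
    static boolean matchesWithRootLocale(String value)
    {
        return value.toUpperCase(Locale.ROOT).endsWith(PERCENTILE);
    }

    public static void main(String[] args)
    {
        String value = "99percentile"; // constructed sample option value
        Locale saved = Locale.getDefault();
        try
        {
            Locale[] locales = { Locale.US, Locale.forLanguageTag("tr-TR") };
            for (Locale locale : locales)
            {
                // Simulate a node whose JVM was started with this default locale.
                Locale.setDefault(locale);
                System.out.printf("default=%s upper=%s defaultLocaleMatch=%b rootLocaleMatch=%b%n",
                                  locale,
                                  value.toUpperCase(),
                                  matchesWithDefaultLocale(value),
                                  matchesWithRootLocale(value));
            }
        }
        finally
        {
            // Restore the original default so the demo has no side effects.
            Locale.setDefault(saved);
        }
    }
}
```

The same option string is therefore accepted or rejected depending on the host's locale settings, which is the portability problem the report describes.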