[
https://issues.apache.org/jira/browse/OOZIE-3124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andras Salamon resolved OOZIE-3124.
-----------------------------------
Resolution: Duplicate
> address findbugs warnings
> -------------------------
>
> Key: OOZIE-3124
> URL: https://issues.apache.org/jira/browse/OOZIE-3124
> Project: Oozie
> Issue Type: Bug
> Reporter: Artem Ervits
> Priority: Major
> Fix For: 5.2.0
>
>
> {noformat}
> -1 There are [125] new bugs found below threshold in total that must be fixed.
> . -1 There are [67] new bugs found below threshold in [core] that must be
> fixed, listing only the first [5] ones.
> . You can find the FindBugs diff here (look for the red and orange ones):
> core/findbugs-new.html
> . The top [5] most important FindBugs errors are:
> . At EmailActionExecutor.java:[line 267]:
> java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be
> specified by user input
> . At EmailActionExecutor.java:[line 162]: At EmailActionExecutor.java:[line
> 160]
> . At EmailActionExecutor.java:[line 176]: At EmailActionExecutor.java:[line
> 171]
> . At SshActionExecutor.java:[line 134]: This usage of
> java/lang/Runtime.exec([Ljava/lang/String;)Ljava/lang/Process; can be
> vulnerable to Command Injection
> . At SshActionExecutor.java:[line 131]: At SshActionExecutor.java:[line 130]
> . -1 There are [1] new bugs found below threshold in [server] that must be
> fixed.
> . You can find the FindBugs diff here (look for the red and orange ones):
> server/findbugs-new.html
> . The most important FindBugs errors are:
> . At JspHandlerProvider.java:[line 43]:
> java/io/File.<init>(Ljava/lang/String;Ljava/lang/String;)V reads a file whose
> location might be specified by user input
> . At JspHandlerProvider.java:[line 43]
> . -1 There are [8] new bugs found below threshold in [client] that must be
> fixed, listing only the first [5] ones.
> . You can find the FindBugs diff here (look for the red and orange ones):
> client/findbugs-new.html
> . The top [5] most important FindBugs errors are:
> . At OozieCLI.java:[line 841]: java/io/File.<init>(Ljava/lang/String;)V reads
> a file whose location might be specified by user input
> . java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose
> location might be specified by user input: At OozieCLI.java:[line 839]
> . At OozieCLI.java:[line 839]: At OozieCLI.java:[line 849]
> . At OozieCLI.java:[line 876]: java/io/File.<init>(Ljava/lang/String;)V reads
> a file whose location might be specified by user input
> . java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might
> be specified by user input: At OozieCLI.java:[line 871]
> . +1 There are no new bugs found in [docs].
> . -1 There are [2] new bugs found below threshold in [examples] that must be
> fixed.
> . You can find the FindBugs diff here (look for the red and orange ones):
> examples/findbugs-new.html
> . The most important FindBugs errors are:
> . At LocalOozieExample.java:[line 47]:
> java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might be
> specified by user input
> . java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose
> location might be specified by user input: At LocalOozieExample.java:[line 35]
> . At LocalOozieExample.java:[line 35]: At LocalOozieExample.java:[line 72]
> . -1 There are [2] new bugs found below threshold in [sharelib/hive] that
> must be fixed.
> . You can find the FindBugs diff here (look for the red and orange ones):
> sharelib/hive/findbugs-new.html
> . The most important FindBugs errors are:
> . At HiveMain.java:[line 317]:
> java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose
> location might be specified by user input
> . At HiveMain.java:[line 226]: At HiveMain.java:[line 207]
> . At HiveMain.java:[line 210]: java/io/File.<init>(Ljava/lang/String;)V reads
> a file whose location might be specified by user input
> . At HiveMain.java:[line 207]
> . -1 There are [3] new bugs found below threshold in [sharelib/pig] that must
> be fixed.
> . You can find the FindBugs diff here (look for the red and orange ones):
> sharelib/pig/findbugs-new.html
> . The most important FindBugs errors are:
> . At PigMain.java:[line 258]: java/io/File.<init>(Ljava/lang/String;)V reads
> a file whose location might be specified by user input
> . At PigMain.java:[line 141]: At PigMain.java:[line 131]
> . At PigMain.java:[line 245]: At PigMain.java:[line 199]
> . At PigMain.java:[line 137]: java/io/File.<init>(Ljava/lang/String;)V reads
> a file whose location might be specified by user input
> . java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might
> be specified by user input: At PigMain.java:[line 131]
> . +1 There are no new bugs found in [sharelib/distcp].
> . +1 There are no new bugs found in [sharelib/streaming].
> . -1 There are [2] new bugs found below threshold in [sharelib/spark] that
> must be fixed.
> . You can find the FindBugs diff here (look for the red and orange ones):
> sharelib/spark/findbugs-new.html
> . The most important FindBugs errors are:
> . At SparkMain.java:[line 128]:
> java/io/File.<init>(Ljava/io/File;Ljava/lang/String;)V reads a file whose
> location might be specified by user input
> . java/io/File.<init>(Ljava/lang/String;)V reads a file whose location might
> be specified by user input: At SparkMain.java:[line 128]
> . At SparkMain.java:[line 161]: At SparkMain.java:[line 168]
> . At SparkMain.java:[line 167]
> . +1 There are no new bugs found in [sharelib/hcatalog].
> . +1 There are no new bugs found in [sharelib/sqoop].
> . -1 There are [3] new bugs found below threshold in [sharelib/hive2] that
> must be fixed.
> . You can find the FindBugs diff here (look for the red and orange ones):
> sharelib/hive2/findbugs-new.html
> . The most important FindBugs errors are:
> . At Hive2Main.java:[line 279]:
> java/io/FileInputStream.<init>(Ljava/lang/String;)V reads a file whose
> location might be specified by user input
> . At Hive2Main.java:[line 165]: At Hive2Main.java:[line 146]
> . At Hive2Main.java:[line 149]: java/io/File.<init>(Ljava/lang/String;)V
> reads a file whose location might be specified by user input
> . java/io/FileOutputStream.<init>(Ljava/lang/String;)V writes to a file whose
> location might be specified by user input: At Hive2Main.java:[line 146]
> . At Hive2Main.java:[line 118]: At Hive2Main.java:[line 267]
> . -1 There are [8] new bugs found below threshold in [sharelib/oozie] that
> must be fixed, listing only the first [5] ones.
> . You can find the FindBugs diff here (look for the red and orange ones):
> sharelib/oozie/findbugs-new.html
> . The top [5] most important FindBugs errors are:
> . At LauncherMain.java:[line 471]: java/io/File.<init>(Ljava/lang/String;)V
> reads a file whose location might be specified by user input
> . At LauncherMain.java:[line 461]: java/io/File.<init>(Ljava/lang/String;)V
> reads a file whose location might be specified by user input
> . At LauncherMain.java:[line 140]: java/io/File.<init>(Ljava/lang/String;)V
> reads a file whose location might be specified by user input
> . java/io/FileReader.<init>(Ljava/lang/String;)V reads a file whose location
> might be specified by user input: At LauncherMain.java:[line 176]
> . At LauncherMain.java:[line 176]: At LauncherMain.java:[line 144]
> . -1 There are [29] new bugs found below threshold in [tools] that must be
> fixed, listing only the first [5] ones.
> . You can find the FindBugs diff here (look for the red and orange ones):
> tools/findbugs-new.html
> . The top [5] most important FindBugs errors are:
> . At OozieDBCLI.java:[line 548]:
> java/io/FileWriter.<init>(Ljava/lang/String;Z)V writes to a file whose
> location might be specified by user input
> . At OozieDBCLI.java:[line 126]: At OozieDBCLI.java:[line 122]
> . At OozieDBCLI.java:[line 229]: At OozieDBCLI.java:[line 133]
> . At OozieDBCLI.java:[line 703]: At OozieDBCLI.java:[line 249]
> . At OozieDBCLI.java:[line 577]:
> java/io/FileWriter.<init>(Ljava/lang/String;Z)V writes to a file whose
> location might be specified by user input
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
