[
https://issues.apache.org/jira/browse/OOZIE-3482?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16832594#comment-16832594
]
Hadoop QA commented on OOZIE-3482:
----------------------------------
Testing JIRA OOZIE-3482
Cleaning local git workspace
----------------------------
{color:green}+1 PATCH_APPLIES{color}
{color:green}+1 CLEAN{color}
{color:red}-1 RAW_PATCH_ANALYSIS{color}
. {color:green}+1{color} the patch does not introduce any @author tags
. {color:green}+1{color} the patch does not introduce any tabs
. {color:green}+1{color} the patch does not introduce any trailing spaces
. {color:green}+1{color} the patch does not introduce any star imports
. {color:green}+1{color} the patch does not introduce any line longer than
132
. {color:red}-1{color} the patch does not add/modify any testcase
{color:green}+1 RAT{color}
. {color:green}+1{color} the patch does not seem to introduce new RAT
warnings
{color:green}+1 JAVADOC{color}
. {color:green}+1{color} Javadoc generation succeeded with the patch
. {color:green}+1{color} the patch does not seem to introduce new Javadoc
warning(s)
{color:green}+1 COMPILE{color}
. {color:green}+1{color} HEAD compiles
. {color:green}+1{color} patch compiles
. {color:green}+1{color} the patch does not seem to introduce new javac
warnings
{color:red}-1{color} There are [6] new bugs found below threshold in total that
must be fixed.
. {color:green}+1{color} There are no new bugs found in [sharelib/hive2].
. {color:green}+1{color} There are no new bugs found in [sharelib/spark].
. {color:green}+1{color} There are no new bugs found in [sharelib/oozie].
. {color:green}+1{color} There are no new bugs found in [sharelib/pig].
. {color:green}+1{color} There are no new bugs found in [sharelib/streaming].
. {color:green}+1{color} There are no new bugs found in [sharelib/hive].
. {color:green}+1{color} There are no new bugs found in [sharelib/distcp].
. {color:green}+1{color} There are no new bugs found in [sharelib/hcatalog].
. {color:green}+1{color} There are no new bugs found in [sharelib/sqoop].
. {color:green}+1{color} There are no new bugs found in [sharelib/git].
. {color:green}+1{color} There are no new bugs found in [client].
. {color:green}+1{color} There are no new bugs found in [docs].
. {color:green}+1{color} There are no new bugs found in [tools].
. {color:green}+1{color} There are no new bugs found in
[fluent-job/fluent-job-api].
. {color:green}+1{color} There are no new bugs found in [server].
. {color:green}+1{color} There are no new bugs found in [webapp].
. {color:green}+1{color} There are no new bugs found in [examples].
. {color:red}-1{color} There are [6] new bugs found below threshold in
[core] that must be fixed, listing only the first [5] ones.
. You can find the SpotBugs diff here (look for the red and orange ones):
core/findbugs-new.html
. The top [5] most important SpotBugs errors are:
. At CoordSubmitXCommand.java:[line 413]: Boxing/unboxing to parse a
primitive
org.apache.oozie.command.coord.CoordSubmitXCommand.validateCrontab(String)
. At BulkJPAExecutor.java:[line 207]: This use of
javax/persistence/EntityManager.createQuery(Ljava/lang/String;)Ljavax/persistence/Query;
can be vulnerable to SQL/JPQL injection
. At BulkJPAExecutor.java:[line 177]: At BulkJPAExecutor.java:[line 176]
. At BulkJPAExecutor.java:[line 206]: At BulkJPAExecutor.java:[line 200]
. This use of
javax/persistence/EntityManager.createQuery(Ljava/lang/String;)Ljavax/persistence/Query;
can be vulnerable to SQL/JPQL injection: At BulkJPAExecutor.java:[line 207]
{color:green}+1 BACKWARDS_COMPATIBILITY{color}
. {color:green}+1{color} the patch does not change any JPA
Entity/Colum/Basic/Lob/Transient annotations
. {color:green}+1{color} the patch does not modify JPA files
{color:red}-1 TESTS{color}
. Tests run : 3170
. Tests failed : 0
. Tests in error : 9
. Tests timed out : 0
{color:red}-1{color} [ERROR] There are [9] test errors in [core]. Listing only
the first [5] ones
testMaterizationEndOfMonths:org.apache.oozie.command.coord.TestCoordMaterializeTransitionXCommand
testActionMaterEndOfWeeks:org.apache.oozie.command.coord.TestCoordMaterializeTransitionXCommand
Check console output for the full list of errors/failures
. {color:orange}Tests failed at first run:{color}
TestPurgeXCommand#testPurgeableBundleUnpurgeableCoordinatorUnpurgebleWorkflowPurgeableSubWorkflow
. For the complete list of flaky tests, see TEST-SUMMARY-FULL files.
{color:green}+1 DISTRO{color}
. {color:green}+1{color} distro tarball builds with the patch
----------------------------
{color:red}*-1 Overall result, please check the reported -1(s)*{color}
The full output of the test-patch run is available at
. https://builds.apache.org/job/PreCommit-OOZIE-Build/1103/
> Fix bug in CoordSubmitXCommand#validateCoordinatorJob
> -----------------------------------------------------
>
> Key: OOZIE-3482
> URL: https://issues.apache.org/jira/browse/OOZIE-3482
> Project: Oozie
> Issue Type: Bug
> Reporter: Junfan Zhang
> Assignee: Junfan Zhang
> Priority: Major
> Attachments: OOZIE-3482-1.patch
>
>
> The {{CoordSubmitXCommand#validateCoordinatorJob}} is to validate the
> frequency, including that check if the frequency is faster than 5 min and
> frequency is not invalid. But in OOZIE document, the frequency format can be
> EL or crontab formual. In this {{validateCoordinatorJob}}, the logic of the
> code is wrong.
> The related code is linked to
> [gist|https://gist.github.com/zuston/2dbc699a207c4f65ecbca4f93206a132].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
