[
https://issues.apache.org/jira/browse/OOZIE-3621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17343150#comment-17343150
]
Chia-Ping Tsai commented on OOZIE-3621:
---------------------------------------
{quote}
[INFO] --- spotbugs-maven-plugin:3.1.11:check (default-cli) @ oozie-tools ---
[INFO] BugInstance size is 112
[INFO] Error size is 0
[INFO] Total bugs: 112
[ERROR] org.apache.oozie.tools.OozieDBCLI.getAddColumnQuery(String, String,
String) invokes inefficient new String(String) constructor
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 702] DM_STRING_CTOR
[ERROR] org.apache.oozie.tools.OozieDBCLI.getDropColumnQuery(String, String)
invokes inefficient new String(String) constructor
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 698] DM_STRING_CTOR
[ERROR] org.apache.oozie.tools.OozieDBCLI.getRenameColumnQuery(String, String,
String) invokes inefficient new String(String) constructor
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 694] DM_STRING_CTOR
[ERROR] Possible information exposure through an error message
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 165]
INFORMATION_EXPOSURE_THROUGH_AN_ERROR_MESSAGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.HELP_INFO should be package protected
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 74] MS_PKGPROTECT
[ERROR] org.apache.oozie.tools.OozieDBCLI.ddlTweaksForPre50(String, boolean,
String) may fail to clean up java.sql.Statement
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Obligation to clean up resource created at OozieDBCLI.java:[line 745] is not
dischargedPath continues at OozieDBCLI.java:[line 746]Path continues at
OozieDBCLI.java:[line 752]Path continues at OozieDBCLI.java:[line 753]Path
continues at OozieDBCLI.java:[line 754]Path continues at OozieDBCLI.java:[line
758] OBL_UNSATISFIED_OBLIGATION
[ERROR] org.apache.oozie.tools.OozieDBCLI.checkDBExists() may fail to clean up
java.sql.ResultSet on checked exception [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Obligation to clean up resource created at OozieDBCLI.java:[line 939] is not
dischargedPath continues at OozieDBCLI.java:[line 940]Path continues at
OozieDBCLI.java:[line 945]Path continues at OozieDBCLI.java:[line 946]Path
continues at OozieDBCLI.java:[line 949]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.checkDBExists() may fail to clean up
java.sql.Statement on checked exception [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] Obligation to clean up resource created at
OozieDBCLI.java:[line 938] is not dischargedPath continues at
OozieDBCLI.java:[line 939]Path continues at OozieDBCLI.java:[line 940]Path
continues at OozieDBCLI.java:[line 945]Path continues at OozieDBCLI.java:[line
946]Path continues at OozieDBCLI.java:[line 949]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.convertClobToBlobInMysql(String,
Connection) may fail to clean up java.sql.Statement on checked exception
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] Obligation to clean up resource created at
OozieDBCLI.java:[line 572] is not dischargedPath continues at
OozieDBCLI.java:[line 573]Path continues at OozieDBCLI.java:[line 574]Path
continues at OozieDBCLI.java:[line 575]Path continues at OozieDBCLI.java:[line
576]Path continues at OozieDBCLI.java:[line 577]Path continues at
OozieDBCLI.java:[line 578]Path continues at OozieDBCLI.java:[line 581]Path
continues at OozieDBCLI.java:[line 582]Path continues at OozieDBCLI.java:[line
583]Path continues at OozieDBCLI.java:[line 584]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.createOozieSysTable(String, boolean,
String) may fail to clean up java.sql.Statement on checked exception
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Obligation to clean up resource created at OozieDBCLI.java:[line 1047] is not
dischargedPath continues at OozieDBCLI.java:[line 1048]Path continues at
OozieDBCLI.java:[line 1056]Path continues at OozieDBCLI.java:[line 1057]Path
continues at OozieDBCLI.java:[line 1060]Path continues at OozieDBCLI.java:[line
1061] OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.ddlTweaks(String, boolean) may fail
to clean up java.sql.Statement on checked exception
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Obligation to clean up resource created at OozieDBCLI.java:[line 882] is not
dischargedPath continues at OozieDBCLI.java:[line 883]Path continues at
OozieDBCLI.java:[line 903]Path continues at OozieDBCLI.java:[line 904]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.getOozieDBVersion() may fail to clean
up java.sql.ResultSet on checked exception [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Obligation to clean up resource created at OozieDBCLI.java:[line 994] is not
dischargedPath continues at OozieDBCLI.java:[line 995]Path continues at
OozieDBCLI.java:[line 1004]Path continues at OozieDBCLI.java:[line 1005]Path
continues at OozieDBCLI.java:[line 1008]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.getOozieDBVersion() may fail to clean
up java.sql.Statement on checked exception [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] Obligation to clean up resource created at
OozieDBCLI.java:[line 993] is not dischargedPath continues at
OozieDBCLI.java:[line 994]Path continues at OozieDBCLI.java:[line 995]Path
continues at OozieDBCLI.java:[line 1004]Path continues at OozieDBCLI.java:[line
1005]Path continues at OozieDBCLI.java:[line 1008]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.postUpgradeTasks(String, boolean,
boolean) may fail to clean up java.sql.Statement on checked exception
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Obligation to clean up resource created at OozieDBCLI.java:[line 373] is not
dischargedPath continues at OozieDBCLI.java:[line 374]Path continues at
OozieDBCLI.java:[line 433]Path continues at OozieDBCLI.java:[line 434]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.postUpgradeTasksFor40(String,
boolean) may fail to clean up java.sql.Statement on checked exception
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Obligation to clean up resource created at OozieDBCLI.java:[line 456] is not
dischargedPath continues at OozieDBCLI.java:[line 457]Path continues at
OozieDBCLI.java:[line 469]Path continues at OozieDBCLI.java:[line 470]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.showOozieSysInfo() may fail to clean
up java.sql.ResultSet on checked exception [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Obligation to clean up resource created at OozieDBCLI.java:[line 1077] is not
dischargedPath continues at OozieDBCLI.java:[line 1078]Path continues at
OozieDBCLI.java:[line 1086]Path continues at OozieDBCLI.java:[line 1087]Path
continues at OozieDBCLI.java:[line 1090]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.showOozieSysInfo() may fail to clean
up java.sql.Statement on checked exception [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] Obligation to clean up resource created at
OozieDBCLI.java:[line 1076] is not dischargedPath continues at
OozieDBCLI.java:[line 1077]Path continues at OozieDBCLI.java:[line 1078]Path
continues at OozieDBCLI.java:[line 1086]Path continues at OozieDBCLI.java:[line
1087]Path continues at OozieDBCLI.java:[line 1090]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.upgradeOozieDBVersion(String,
boolean, String) may fail to clean up java.sql.Statement on checked exception
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] Obligation to clean up resource created at
OozieDBCLI.java:[line 287] is not dischargedPath continues at
OozieDBCLI.java:[line 288]Path continues at OozieDBCLI.java:[line 292]Path
continues at OozieDBCLI.java:[line 293]Path continues at OozieDBCLI.java:[line
296] OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.verifyDBState() may fail to clean up
java.sql.ResultSet on checked exception [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Obligation to clean up resource created at OozieDBCLI.java:[line 1099] is not
dischargedPath continues at OozieDBCLI.java:[line 1100]Path continues at
OozieDBCLI.java:[line 1111] OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.verifyDBState() may fail to clean up
java.sql.Statement on checked exception [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] Obligation to clean up resource created at
OozieDBCLI.java:[line 1098] is not dischargedPath continues at
OozieDBCLI.java:[line 1099]Path continues at OozieDBCLI.java:[line 1100]Path
continues at OozieDBCLI.java:[line 1111]
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.verifyOozieSysTable(boolean, boolean)
may fail to clean up java.sql.ResultSet on checked exception
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] Obligation to clean up resource created at
OozieDBCLI.java:[line 967] is not dischargedPath continues at
OozieDBCLI.java:[line 968]Path continues at OozieDBCLI.java:[line 973]Path
continues at OozieDBCLI.java:[line 974]Path continues at OozieDBCLI.java:[line
977] OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.verifyOozieSysTable(boolean, boolean)
may fail to clean up java.sql.Statement on checked exception
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Obligation to clean up resource created at OozieDBCLI.java:[line 966] is not
dischargedPath continues at OozieDBCLI.java:[line 967]Path continues at
OozieDBCLI.java:[line 968]Path continues at OozieDBCLI.java:[line 973]Path
continues at OozieDBCLI.java:[line 974]Path continues at OozieDBCLI.java:[line
977] OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[ERROR] org.apache.oozie.tools.OozieDBCLI.ddlTweaksForPre50(String, boolean,
String) may fail to close Statement [org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 745] ODR_OPEN_DATABASE_RESOURCE
[ERROR] org.apache.oozie.tools.OozieDBCLI.replaceForDerby(String, String) may
fail to close Statement [org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 481] ODR_OPEN_DATABASE_RESOURCE
[ERROR] org.apache.oozie.tools.OozieDBCLI.checkDBExists() may fail to close
database resource on exception [org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 938] ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.createOozieSysTable(String, boolean,
String) may fail to close database resource on exception
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 1047]
ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.ddlTweaks(String, boolean) may fail
to close database resource on exception [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 882]Another
occurrence at OozieDBCLI.java:[line 894]
ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.getOozieDBVersion() may fail to close
database resource on exception [org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 993] ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.postUpgradeTasks(String, boolean,
boolean) may fail to close database resource on exception
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 373]Another occurrence at OozieDBCLI.java:[line
379]Another occurrence at OozieDBCLI.java:[line 390]Another occurrence at
OozieDBCLI.java:[line 393]Another occurrence at OozieDBCLI.java:[line
396]Another occurrence at OozieDBCLI.java:[line 420]
ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.postUpgradeTasksFor40(String,
boolean) may fail to close database resource on exception
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 456]
ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.replaceForDerby(String, String) may
fail to close database resource on exception
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 491]
ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.showOozieSysInfo() may fail to close
database resource on exception [org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 1076] ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.upgradeOozieDBVersion(String,
boolean, String) may fail to close database resource on exception
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 287]
ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.verifyDBState() may fail to close
database resource on exception [org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 1098] ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.verifyOozieSysTable(boolean, boolean)
may fail to close database resource on exception
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 966]
ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.convertClobToBlobInMysql(String,
Connection) may fail to close stream on exception
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 569]
OS_OPEN_STREAM_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.ddlTweaks(String, boolean) may fail
to close stream on exception [org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 806] OS_OPEN_STREAM_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.ddlTweaksForPre50(String, boolean,
String) may fail to close stream on exception
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 735]
OS_OPEN_STREAM_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.postUpgradeTasks(String, boolean,
boolean) may fail to close stream on exception
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 363]
OS_OPEN_STREAM_EXCEPTION_PATH
[ERROR] org.apache.oozie.tools.OozieDBCLI.postUpgradeTasksFor40(String,
boolean) may fail to close stream on exception
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 440]
OS_OPEN_STREAM_EXCEPTION_PATH
[ERROR] java/io/FileOutputStream.<init>(Ljava/lang/String;Z)V writes to a file
whose location might be specified by user input
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 569]At
OozieDBCLI.java:[line 127]At OozieDBCLI.java:[line 131]At OozieDBCLI.java:[line
138]At OozieDBCLI.java:[line 237]At OozieDBCLI.java:[line 262]At
OozieDBCLI.java:[line 726] PATH_TRAVERSAL_OUT
[ERROR] java/io/FileOutputStream.<init>(Ljava/lang/String;Z)V writes to a file
whose location might be specified by user input
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 599]At
OozieDBCLI.java:[line 127]At OozieDBCLI.java:[line 131]At OozieDBCLI.java:[line
138]At OozieDBCLI.java:[line 237]At OozieDBCLI.java:[line 262]At
OozieDBCLI.java:[line 729] PATH_TRAVERSAL_OUT
[ERROR] java/io/FileOutputStream.<init>(Ljava/lang/String;Z)V writes to a file
whose location might be specified by user input
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 1031]At
OozieDBCLI.java:[line 127]At OozieDBCLI.java:[line 131]At OozieDBCLI.java:[line
135]At OozieDBCLI.java:[line 138]At OozieDBCLI.java:[line 200]At
OozieDBCLI.java:[line 218] PATH_TRAVERSAL_OUT
[ERROR] java/io/FileOutputStream.<init>(Ljava/lang/String;Z)V writes to a file
whose location might be specified by user input
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 806]At OozieDBCLI.java:[line 127]At OozieDBCLI.java:[line
131]At OozieDBCLI.java:[line 138]At OozieDBCLI.java:[line 232]At
OozieDBCLI.java:[line 257] PATH_TRAVERSAL_OUT
[ERROR] java/io/FileOutputStream.<init>(Ljava/lang/String;Z)V writes to a file
whose location might be specified by user input
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 765]At OozieDBCLI.java:[line 127]At OozieDBCLI.java:[line
131]At OozieDBCLI.java:[line 135]At OozieDBCLI.java:[line 138]At
OozieDBCLI.java:[line 199]At OozieDBCLI.java:[line 242]At OozieDBCLI.java:[line
267] PATH_TRAVERSAL_OUT
[ERROR] java/io/FileOutputStream.<init>(Ljava/lang/String;Z)V writes to a file
whose location might be specified by user input
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 735]At OozieDBCLI.java:[line 127]At OozieDBCLI.java:[line
131]At OozieDBCLI.java:[line 138]At OozieDBCLI.java:[line 237]At
OozieDBCLI.java:[line 262] PATH_TRAVERSAL_OUT
[ERROR] java/io/FileOutputStream.<init>(Ljava/lang/String;Z)V writes to a file
whose location might be specified by user input
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 363]At OozieDBCLI.java:[line 127]At OozieDBCLI.java:[line
131]At OozieDBCLI.java:[line 141]At OozieDBCLI.java:[line 305]At
OozieDBCLI.java:[line 319] PATH_TRAVERSAL_OUT
[ERROR] java/io/FileOutputStream.<init>(Ljava/lang/String;Z)V writes to a file
whose location might be specified by user input
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 440]At OozieDBCLI.java:[line 127]At OozieDBCLI.java:[line
131]At OozieDBCLI.java:[line 138]At OozieDBCLI.java:[line 232]At
OozieDBCLI.java:[line 256] PATH_TRAVERSAL_OUT
[ERROR] java/io/FileOutputStream.<init>(Ljava/lang/String;Z)V writes to a file
whose location might be specified by user input
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 276]At OozieDBCLI.java:[line 127]At OozieDBCLI.java:[line
131]At OozieDBCLI.java:[line 138]At OozieDBCLI.java:[line 232]At
OozieDBCLI.java:[line 237]At OozieDBCLI.java:[line 242]At OozieDBCLI.java:[line
255]At OozieDBCLI.java:[line 261]At OozieDBCLI.java:[line 266]
PATH_TRAVERSAL_OUT
[ERROR] Redundant nullcheck of conn, which is known to be non-null in
org.apache.oozie.tools.OozieDBCLI.ddlTweaksFor50(String, boolean)
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI]
Redundant null check at OozieDBCLI.java:[line 764]Another occurrence at
OozieDBCLI.java:[line 779] RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
[ERROR] Exception is caught when Exception is not thrown in
org.apache.oozie.tools.OozieDBCLI.checkDBExists()
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 945]
REC_CATCH_EXCEPTION
[ERROR] Exception is caught when Exception is not thrown in
org.apache.oozie.tools.OozieDBCLI.verifyOozieSysTable(boolean, boolean)
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 973]
REC_CATCH_EXCEPTION
[ERROR] org.apache.oozie.tools.OozieDBCLI.getJdbcConf() checks to see if result
of String.indexOf is positive [org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 182] RV_CHECK_FOR_POSITIVE_INDEXOF
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 584]At OozieDBCLI.java:[line 573]At OozieDBCLI.java:[line
574]At OozieDBCLI.java:[line 575]At OozieDBCLI.java:[line 577]At
OozieDBCLI.java:[line 578]At OozieDBCLI.java:[line 579]At OozieDBCLI.java:[line
581]At OozieDBCLI.java:[line 584] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 533]At
OozieDBCLI.java:[line 529]At OozieDBCLI.java:[line 530]At OozieDBCLI.java:[line
531]At OozieDBCLI.java:[line 532]At OozieDBCLI.java:[line 533]
SQL_INJECTION_JDBC
[ERROR] This use of
java/sql/Statement.executeQuery(Ljava/lang/String;)Ljava/sql/ResultSet; can be
vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 535]At OozieDBCLI.java:[line 529]At OozieDBCLI.java:[line
530]At OozieDBCLI.java:[line 531]At OozieDBCLI.java:[line 535]
SQL_INJECTION_JDBC
[ERROR] This use of
java/sql/Connection.prepareStatement(Ljava/lang/String;)Ljava/sql/PreparedStatement;
can be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 548]At OozieDBCLI.java:[line 529]At OozieDBCLI.java:[line
530]At OozieDBCLI.java:[line 531]At OozieDBCLI.java:[line 535]At
OozieDBCLI.java:[line 548]At OozieDBCLI.java:[line 549] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 558]At OozieDBCLI.java:[line 529]At OozieDBCLI.java:[line
530]At OozieDBCLI.java:[line 531]At OozieDBCLI.java:[line 535]At
OozieDBCLI.java:[line 557]At OozieDBCLI.java:[line 558] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 559]At OozieDBCLI.java:[line 529]At OozieDBCLI.java:[line
530]At OozieDBCLI.java:[line 531]At OozieDBCLI.java:[line 535]At
OozieDBCLI.java:[line 557]At OozieDBCLI.java:[line 559] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 627]At
OozieDBCLI.java:[line 604]At OozieDBCLI.java:[line 605]At OozieDBCLI.java:[line
606]At OozieDBCLI.java:[line 607]At OozieDBCLI.java:[line 617]
SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 628]At
OozieDBCLI.java:[line 604]At OozieDBCLI.java:[line 605]At OozieDBCLI.java:[line
606]At OozieDBCLI.java:[line 607]At OozieDBCLI.java:[line 619]
SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 629]At
OozieDBCLI.java:[line 604]At OozieDBCLI.java:[line 605]At OozieDBCLI.java:[line
606]At OozieDBCLI.java:[line 607]At OozieDBCLI.java:[line 622]
SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 630]At
OozieDBCLI.java:[line 604]At OozieDBCLI.java:[line 605]At OozieDBCLI.java:[line
606]At OozieDBCLI.java:[line 607]At OozieDBCLI.java:[line 624]
SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 656]At
OozieDBCLI.java:[line 652]At OozieDBCLI.java:[line 653]At OozieDBCLI.java:[line
654]At OozieDBCLI.java:[line 655]At OozieDBCLI.java:[line 656]
SQL_INJECTION_JDBC
[ERROR] This use of
java/sql/Statement.executeQuery(Ljava/lang/String;)Ljava/sql/ResultSet; can be
vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 658]At OozieDBCLI.java:[line 652]At OozieDBCLI.java:[line
653]At OozieDBCLI.java:[line 654]At OozieDBCLI.java:[line 658]
SQL_INJECTION_JDBC
[ERROR] This use of
java/sql/Connection.prepareStatement(Ljava/lang/String;)Ljava/sql/PreparedStatement;
can be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 673]At OozieDBCLI.java:[line 652]At OozieDBCLI.java:[line
653]At OozieDBCLI.java:[line 654]At OozieDBCLI.java:[line 658]At
OozieDBCLI.java:[line 660]At OozieDBCLI.java:[line 673] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 684]At OozieDBCLI.java:[line 652]At OozieDBCLI.java:[line
653]At OozieDBCLI.java:[line 654]At OozieDBCLI.java:[line 658]At
OozieDBCLI.java:[line 683]At OozieDBCLI.java:[line 684] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 685]At OozieDBCLI.java:[line 652]At OozieDBCLI.java:[line
653]At OozieDBCLI.java:[line 654]At OozieDBCLI.java:[line 658]At
OozieDBCLI.java:[line 683]At OozieDBCLI.java:[line 685] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 1053]At
OozieDBCLI.java:[line 1053] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 895]At
OozieDBCLI.java:[line 891] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 288]At OozieDBCLI.java:[line 261]At OozieDBCLI.java:[line
275] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 289]At
OozieDBCLI.java:[line 289] SQL_INJECTION_JDBC
[ERROR] This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can
be vulnerable to SQL injection [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 1052]At
OozieDBCLI.java:[line 1026] SQL_INJECTION_JDBC
[ERROR] org.apache.oozie.tools.OozieDBCLI.createOozieSysTable(String, boolean,
String) passes a nonconstant String to an execute or addBatch method on an SQL
statement [org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 1052]
SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] org.apache.oozie.tools.OozieDBCLI.upgradeOozieDBVersion(String,
boolean, String) passes a nonconstant String to an execute or addBatch method
on an SQL statement [org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 288] SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] org.apache.oozie.tools.OozieDBCLI.convertClobToBlobInMysql(String,
Connection) passes a nonconstant String to an execute or addBatch method on an
SQL statement [org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 584]
SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] org.apache.oozie.tools.OozieDBCLI.convertClobToBlobInPostgres(String,
Connection, String) passes a nonconstant String to an execute or addBatch
method on an SQL statement [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 627]Another
occurrence at OozieDBCLI.java:[line 628]Another occurrence at
OozieDBCLI.java:[line 629]Another occurrence at OozieDBCLI.java:[line 630]
SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] org.apache.oozie.tools.OozieDBCLI.postUpgradeTasks(String, boolean,
boolean) passes a nonconstant String to an execute or addBatch method on an SQL
statement [org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 421]
SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] org.apache.oozie.tools.OozieDBCLI.convertClobToBlobInOracle(Connection)
passes a nonconstant String to an execute or addBatch method on an SQL
statement [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 535]Another
occurrence at OozieDBCLI.java:[line 533]Another occurrence at
OozieDBCLI.java:[line 558]Another occurrence at OozieDBCLI.java:[line 559]
SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] org.apache.oozie.tools.OozieDBCLI.convertClobToBlobinDerby(Connection,
String) passes a nonconstant String to an execute or addBatch method on an SQL
statement [org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI,
org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 658]Another
occurrence at OozieDBCLI.java:[line 656]Another occurrence at
OozieDBCLI.java:[line 684]Another occurrence at OozieDBCLI.java:[line 685]
SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] org.apache.oozie.tools.OozieDBCLI.ddlTweaks(String, boolean) passes a
nonconstant String to an execute or addBatch method on an SQL statement
[org.apache.oozie.tools.OozieDBCLI, org.apache.oozie.tools.OozieDBCLI] At
OozieDBCLI.java:[line 883]Another occurrence at OozieDBCLI.java:[line 895]
SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] org.apache.oozie.tools.OozieDBCLI.ddlTweaksFor50(String, boolean)
passes a nonconstant String to an execute or addBatch method on an SQL
statement [org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 775]
SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] org.apache.oozie.tools.OozieDBCLI.ddlTweaksForPre50(String, boolean,
String) passes a nonconstant String to an execute or addBatch method on an SQL
statement [org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 749]
SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] org.apache.oozie.tools.OozieDBCLI.postUpgradeTasksFor40(String,
boolean) passes a nonconstant String to an execute or addBatch method on an SQL
statement [org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 457]
SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE
[ERROR] A prepared statement is generated from a nonconstant String in
org.apache.oozie.tools.OozieDBCLI.convertClobToBlobInOracle(Connection)
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 548]
SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING
[ERROR] A prepared statement is generated from a nonconstant String in
org.apache.oozie.tools.OozieDBCLI.convertClobToBlobinDerby(Connection, String)
[org.apache.oozie.tools.OozieDBCLI] At OozieDBCLI.java:[line 673]
SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING
[ERROR] org.apache.oozie.tools.OozieDBExportCLI.queryAllDBTables(String)
invokes System.exit(...), which shuts down the entire virtual machine
[org.apache.oozie.tools.OozieDBExportCLI] At OozieDBExportCLI.java:[line 170]
DM_EXIT
[ERROR] Possible information exposure through an error message
[org.apache.oozie.tools.OozieDBExportCLI] At OozieDBExportCLI.java:[line 112]
INFORMATION_EXPOSURE_THROUGH_AN_ERROR_MESSAGE
[ERROR] Possible information exposure through an error message
[org.apache.oozie.tools.OozieDBExportCLI] At OozieDBExportCLI.java:[line 165]
INFORMATION_EXPOSURE_THROUGH_AN_ERROR_MESSAGE
[ERROR] java/io/File.<init>(Ljava/lang/String;)V reads a file whose location
might be specified by user input [org.apache.oozie.tools.OozieDBExportCLI,
org.apache.oozie.tools.OozieDBExportCLI] At OozieDBExportCLI.java:[line 129]At
OozieDBExportCLI.java:[line 97] PATH_TRAVERSAL_IN
[ERROR] Exception is caught when Exception is not thrown in
org.apache.oozie.tools.OozieDBExportCLI.queryAllDBTables(String)
[org.apache.oozie.tools.OozieDBExportCLI] At OozieDBExportCLI.java:[line 162]
REC_CATCH_EXCEPTION
[ERROR] Exceptional return value of java.io.File.delete() ignored in
org.apache.oozie.tools.OozieDBExportCLI.queryAllDBTables(String)
[org.apache.oozie.tools.OozieDBExportCLI] At OozieDBExportCLI.java:[line 168]
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE
[ERROR] Use of non-localized String.toUpperCase() or String.toLowerCase() in
org.apache.oozie.tools.OozieDBImportCLI.findTableName(EntityManager, Class)
[org.apache.oozie.tools.OozieDBImportCLI] At OozieDBImportCLI.java:[line 408]
DM_CONVERT_CASE
[ERROR] org.apache.oozie.tools.OozieDBImportCLI.checkDBVersion() invokes
System.exit(...), which shuts down the entire virtual machine
[org.apache.oozie.tools.OozieDBImportCLI] At OozieDBImportCLI.java:[line 243]
DM_EXIT
[ERROR] Possible information exposure through an error message
[org.apache.oozie.tools.OozieDBImportCLI] At OozieDBImportCLI.java:[line 253]
INFORMATION_EXPOSURE_THROUGH_AN_ERROR_MESSAGE
[ERROR] Possible information exposure through an error message
[org.apache.oozie.tools.OozieDBImportCLI] At OozieDBImportCLI.java:[line 153]
INFORMATION_EXPOSURE_THROUGH_AN_ERROR_MESSAGE
[ERROR] Redundant nullcheck of rs, which is known to be non-null in
org.apache.oozie.tools.OozieDBImportCLI.checkTableIsPresentAndEmpty(Class)
[org.apache.oozie.tools.OozieDBImportCLI,
org.apache.oozie.tools.OozieDBImportCLI] Redundant null check at
OozieDBImportCLI.java:[line 277]Another occurrence at
OozieDBImportCLI.java:[line 280] RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
[ERROR] Exception is caught when Exception is not thrown in
org.apache.oozie.tools.OozieDBImportCLI.checkDBVersion()
[org.apache.oozie.tools.OozieDBImportCLI] At OozieDBImportCLI.java:[line 245]
REC_CATCH_EXCEPTION
[ERROR] Boxing/unboxing to parse a primitive
org.apache.oozie.tools.OozieSharelibCLI.run(String[])
[org.apache.oozie.tools.OozieSharelibCLI] At OozieSharelibCLI.java:[line 153]
DM_BOXED_PRIMITIVE_FOR_PARSING
[ERROR] org.apache.oozie.tools.OozieSharelibCLI.getTimestampDirectory() invokes
toString() method on a String [org.apache.oozie.tools.OozieSharelibCLI] At
OozieSharelibCLI.java:[line 330] DM_STRING_TOSTRING
[ERROR] Possible information exposure through an error message
[org.apache.oozie.tools.OozieSharelibCLI] At OozieSharelibCLI.java:[line 322]
INFORMATION_EXPOSURE_THROUGH_AN_ERROR_MESSAGE
[ERROR] org.apache.oozie.tools.OozieSharelibCLI.HELP_INFO should be package
protected [org.apache.oozie.tools.OozieSharelibCLI] At
OozieSharelibCLI.java:[line 66] MS_PKGPROTECT
[ERROR] Unsafe comparison of hash that are susceptible to timing attack
[org.apache.oozie.tools.OozieSharelibCLI] At OozieSharelibCLI.java:[line 144]
UNSAFE_HASH_EQUALS
[ERROR] Unsafe comparison of hash that are susceptible to timing attack
[org.apache.oozie.tools.OozieSharelibCLI] At OozieSharelibCLI.java:[line 216]
UNSAFE_HASH_EQUALS
[ERROR] Unsafe comparison of hash that are susceptible to timing attack
[org.apache.oozie.tools.OozieSharelibCLI] At OozieSharelibCLI.java:[line 226]
UNSAFE_HASH_EQUALS
[ERROR] FilenameUtils.getName doesn't filter null bytes
[org.apache.oozie.tools.OozieSharelibCLI] At OozieSharelibCLI.java:[line 285]
WEAK_FILENAMEUTILS
[ERROR] FilenameUtils.getName doesn't filter null bytes
[org.apache.oozie.tools.OozieSharelibCLI] At OozieSharelibCLI.java:[line 286]
WEAK_FILENAMEUTILS
[ERROR] Nullcheck of out at line 425 of value previously dereferenced in
org.apache.oozie.tools.OozieSharelibCLI$CopyTaskCallable.call()
[org.apache.oozie.tools.OozieSharelibCLI$CopyTaskCallable,
org.apache.oozie.tools.OozieSharelibCLI$CopyTaskCallable] At
OozieSharelibCLI.java:[line 425]Redundant null check at
OozieSharelibCLI.java:[line 426] RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE
[ERROR] Format string argument allowing user controlled parameters
[org.apache.oozie.tools.diag.AppInfoCollector,
org.apache.oozie.tools.diag.AppInfoCollector,
org.apache.oozie.tools.diag.AppInfoCollector] At AppInfoCollector.java:[line
288]At AppInfoCollector.java:[line 288]At AppInfoCollector.java:[line 289]
FORMAT_STRING_MANIPULATION
[ERROR] Format string argument allowing user controlled parameters
[org.apache.oozie.tools.diag.AppInfoCollector,
org.apache.oozie.tools.diag.AppInfoCollector,
org.apache.oozie.tools.diag.AppInfoCollector] At AppInfoCollector.java:[line
202]At AppInfoCollector.java:[line 202]At AppInfoCollector.java:[line 203]
FORMAT_STRING_MANIPULATION
[ERROR] Format string argument allowing user controlled parameters
[org.apache.oozie.tools.diag.AppInfoCollector,
org.apache.oozie.tools.diag.AppInfoCollector,
org.apache.oozie.tools.diag.AppInfoCollector] At AppInfoCollector.java:[line
338]At AppInfoCollector.java:[line 338]At AppInfoCollector.java:[line 339]
FORMAT_STRING_MANIPULATION
[ERROR] Redundant nullcheck of is, which is known to be non-null in
org.apache.oozie.tools.diag.DiagOozieClient.saveThreadDumpPage(File)
[org.apache.oozie.tools.diag.DiagOozieClient,
org.apache.oozie.tools.diag.DiagOozieClient] Redundant null check at
DiagOozieClient.java:[line 44]Another occurrence at DiagOozieClient.java:[line
47] RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE
[INFO]
{quote}
not related to this patch
> Make TestECPolicyDisabler work with Hadoop 3
> --------------------------------------------
>
> Key: OOZIE-3621
> URL: https://issues.apache.org/jira/browse/OOZIE-3621
> Project: Oozie
> Issue Type: Improvement
> Reporter: Chia-Ping Tsai
> Priority: Major
> Attachments: OOZIE-3621.v0.patch
>
>
> TestECPolicyDisabler is not compatible with hadoop 3. The following error
> messages are produced by command `mvn clean install -DskipTests
> -Dhadoop.version=3.1.0 -Dhadoop.majorversion=3 -Phadoop-3`
> {quote}
> [ERROR] COMPILATION ERROR :
> [INFO] -------------------------------------------------------------
> [ERROR]
> /home/chia7712/oozie/tools/src/test/java/org/apache/oozie/tools/TestECPolicyDisabler.java:[50,71]
> getErasureCodingPolicy(org.apache.hadoop.fs.Path) in
> org.apache.oozie.tools.TestECPolicyDisabler.MockDistributedFileSystem cannot
> override getErasureCodingPolicy(org.apache.hadoop.fs.Path) in
> org.apache.hadoop.hdfs.DistributedFileSystem
> return type
> org.apache.hadoop.hdfs.protocol.SystemErasureCodingPolicies.ReplicationPolicy
> is not compatible with org.apache.hadoop.hdfs.protocol.ErasureCodingPolicy
> {quote}
> The root cause is the method `getErasureCodingPolicy` was introduced in
> hadoop 3 and the method signature is different to mock fs of
> TestECPolicyDisabler. Fortunately, all we want to test is the static method
> 'ECPolicyDisabler#check' so we can add a new argument to make it be able to
> check another method.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
