[
https://issues.apache.org/jira/browse/RANGER-715?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14985380#comment-14985380
]
Ramesh Mani commented on RANGER-715:
------------------------------------
** CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
266 in ()
________________________________________________________________________________________________________
*** CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
266 in ()
260 @Override
261 public Class<?> findClass(String name) throws
ClassNotFoundException {
262 return super.findClass(name);
263 }
264 }
265
CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
Should
org.apache.ranger.plugin.classloader.RangerPluginClassLoader$MergeEnumeration
be a _static_ inner class?
266 class MergeEnumeration implements Enumeration<URL> {
267
268 Enumeration<URL> e1 = null;
269 Enumeration<URL> e2 = null;
270
271 public MergeEnumeration(Enumeration<URL> e1, Enumeration<URL>
e2 ) {
** CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java:
95 in ()
________________________________________________________________________________________________________
*** CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java:
95 in ()
89
90 if(LOG.isDebugEnabled()) {
91 LOG.debug("<== RangerOptimizedPolicyEvaluator.init()");
92 }
93 }
94
CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
Should
org.apache.ranger.plugin.policyevaluator.RangerOptimizedPolicyEvaluator$LevelResourceNames
be a _static_ inner class?
95 class LevelResourceNames implements Comparable<LevelResourceNames> {
96 final int level;
97 final RangerPolicy.RangerPolicyResource policyResource;
98
99 public LevelResourceNames(int level,
RangerPolicy.RangerPolicyResource policyResource) {
100 this.level = level;
*** CID 131854: FindBugs: Malicious code vulnerability
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
52 in
org.apache.ranger.plugin.classloader.RangerPluginClassLoader.getInstance(java.lang.String,
java.lang.Class)()
46 public static RangerPluginClassLoader getInstance(String pluginType,
Class<?> pluginClass ) throws Exception {
47 RangerPluginClassLoader ret = me;
48 if ( ret == null) {
49 synchronized(RangerPluginClassLoader.class) {
50 ret = me;
51 if ( ret == null){
CID 131854: FindBugs: Malicious code vulnerability
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
org.apache.ranger.plugin.classloader.RangerPluginClassLoader.getInstance(String,
Class) creates a org.apache.ranger.plugin.classloader.RangerPluginClassLoader
classloader, which should be performed within a doPrivileged block.
52 me = ret = new
RangerPluginClassLoader(pluginType,pluginClass);
53 }
54 }
55 }
56 return ret;
57 }
** CID 131853: FindBugs: Malicious code vulnerability
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
43 in
org.apache.ranger.plugin.classloader.RangerPluginClassLoader.<init>(java.lang.String,
java.lang.Class)()
________________________________________________________________________________________________________
*** CID 131853: FindBugs: Malicious code vulnerability
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
43 in
org.apache.ranger.plugin.classloader.RangerPluginClassLoader.<init>(java.lang.String,
java.lang.Class)()
37 private static MyClassLoader
componentClassLoader = null;
38 //private static ThreadLocal<MyClassLoader> componentClassLoader = new
ThreadLocal<MyClassLoader>();
39
40 public RangerPluginClassLoader(String pluginType, Class<?> pluginClass
) throws Exception {
41
super(RangerPluginClassLoaderUtil.getInstance().getPluginFilesForServiceTypeAndPluginclass(pluginType,
pluginClass), null);
42 //componentClassLoader.set(new
MyClassLoader(Thread.currentThread().getContextClassLoader()));
CID 131853: FindBugs: Malicious code vulnerability
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
new org.apache.ranger.plugin.classloader.RangerPluginClassLoader(String,
Class) creates a
org.apache.ranger.plugin.classloader.RangerPluginClassLoader$MyClassLoader
classloader, which should be performed within a doPrivileged block.
43 componentClassLoader = new
MyClassLoader(Thread.currentThread().getContextClassLoader());
44 }
45
46 public static RangerPluginClassLoader getInstance(String pluginType,
Class<?> pluginClass ) throws Exception {
47 RangerPluginClassLoader ret = me;
48 if ( ret == null) {
> Fix issues reported by coverity test in Ranger Plugin ClassLoader
> -----------------------------------------------------------------
>
> Key: RANGER-715
> URL: https://issues.apache.org/jira/browse/RANGER-715
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Affects Versions: 0.5.0
> Reporter: Ramesh Mani
> Assignee: Ramesh Mani
> Fix For: 0.5.0
>
>
> Fix issues reported by coverity test in Ranger Plugin ClassLoader
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
