[
https://issues.apache.org/jira/browse/RANGER-715?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramesh Mani updated RANGER-715:
-------------------------------
Comment: was deleted
(was: ** CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
266 in ()
________________________________________________________________________________________________________
*** CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
266 in ()
260 @Override
261 public Class<?> findClass(String name) throws
ClassNotFoundException {
262 return super.findClass(name);
263 }
264 }
265
CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
Should
org.apache.ranger.plugin.classloader.RangerPluginClassLoader$MergeEnumeration
be a _static_ inner class?
266 class MergeEnumeration implements Enumeration<URL> {
267
268 Enumeration<URL> e1 = null;
269 Enumeration<URL> e2 = null;
270
271 public MergeEnumeration(Enumeration<URL> e1, Enumeration<URL>
e2 ) {
** CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java:
95 in ()
________________________________________________________________________________________________________
*** CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java:
95 in ()
89
90 if(LOG.isDebugEnabled()) {
91 LOG.debug("<== RangerOptimizedPolicyEvaluator.init()");
92 }
93 }
94
CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
Should
org.apache.ranger.plugin.policyevaluator.RangerOptimizedPolicyEvaluator$LevelResourceNames
be a _static_ inner class?
95 class LevelResourceNames implements Comparable<LevelResourceNames> {
96 final int level;
97 final RangerPolicy.RangerPolicyResource policyResource;
98
99 public LevelResourceNames(int level,
RangerPolicy.RangerPolicyResource policyResource) {
100 this.level = level;
*** CID 131854: FindBugs: Malicious code vulnerability
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
52 in
org.apache.ranger.plugin.classloader.RangerPluginClassLoader.getInstance(java.lang.String,
java.lang.Class)()
46 public static RangerPluginClassLoader getInstance(String pluginType,
Class<?> pluginClass ) throws Exception {
47 RangerPluginClassLoader ret = me;
48 if ( ret == null) {
49 synchronized(RangerPluginClassLoader.class) {
50 ret = me;
51 if ( ret == null){
CID 131854: FindBugs: Malicious code vulnerability
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
org.apache.ranger.plugin.classloader.RangerPluginClassLoader.getInstance(String,
Class) creates a org.apache.ranger.plugin.classloader.RangerPluginClassLoader
classloader, which should be performed within a doPrivileged block.
52 me = ret = new
RangerPluginClassLoader(pluginType,pluginClass);
53 }
54 }
55 }
56 return ret;
57 }
** CID 131853: FindBugs: Malicious code vulnerability
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
43 in
org.apache.ranger.plugin.classloader.RangerPluginClassLoader.<init>(java.lang.String,
java.lang.Class)()
________________________________________________________________________________________________________
*** CID 131853: FindBugs: Malicious code vulnerability
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
43 in
org.apache.ranger.plugin.classloader.RangerPluginClassLoader.<init>(java.lang.String,
java.lang.Class)()
37 private static MyClassLoader
componentClassLoader = null;
38 //private static ThreadLocal<MyClassLoader> componentClassLoader = new
ThreadLocal<MyClassLoader>();
39
40 public RangerPluginClassLoader(String pluginType, Class<?> pluginClass
) throws Exception {
41
super(RangerPluginClassLoaderUtil.getInstance().getPluginFilesForServiceTypeAndPluginclass(pluginType,
pluginClass), null);
42 //componentClassLoader.set(new
MyClassLoader(Thread.currentThread().getContextClassLoader()));
CID 131853: FindBugs: Malicious code vulnerability
(FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
new org.apache.ranger.plugin.classloader.RangerPluginClassLoader(String,
Class) creates a
org.apache.ranger.plugin.classloader.RangerPluginClassLoader$MyClassLoader
classloader, which should be performed within a doPrivileged block.
43 componentClassLoader = new
MyClassLoader(Thread.currentThread().getContextClassLoader());
44 }
45
46 public static RangerPluginClassLoader getInstance(String pluginType,
Class<?> pluginClass ) throws Exception {
47 RangerPluginClassLoader ret = me;
48 if ( ret == null) {)
> Fix issues reported by coverity test in Ranger Plugin ClassLoader
> -----------------------------------------------------------------
>
> Key: RANGER-715
> URL: https://issues.apache.org/jira/browse/RANGER-715
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Affects Versions: 0.5.0
> Reporter: Ramesh Mani
> Assignee: Ramesh Mani
> Fix For: 0.5.0
>
>
> Fix issues reported by coverity test in Ranger Plugin ClassLoader
> ** CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
> /ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
> 266 in ()
> ________________________________________________________________________________________________________
> *** CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
> /ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
> 266 in ()
> 260 @Override
> 261 public Class<?> findClass(String name) throws
> ClassNotFoundException {
> 262 return super.findClass(name);
> 263 }
> 264 }
> 265
> CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
> Should
> org.apache.ranger.plugin.classloader.RangerPluginClassLoader$MergeEnumeration
> be a _static_ inner class?
> 266 class MergeEnumeration implements Enumeration<URL> {
> 267
> 268 Enumeration<URL> e1 = null;
> 269 Enumeration<URL> e2 = null;
> 270
> 271 public MergeEnumeration(Enumeration<URL> e1, Enumeration<URL>
> e2 ) {
> ** CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
> /agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java:
> 95 in ()
> ________________________________________________________________________________________________________
> *** CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
> /agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java:
> 95 in ()
> 89
> 90 if(LOG.isDebugEnabled()) {
> 91 LOG.debug("<== RangerOptimizedPolicyEvaluator.init()");
> 92 }
> 93 }
> 94
> CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
> Should
> org.apache.ranger.plugin.policyevaluator.RangerOptimizedPolicyEvaluator$LevelResourceNames
> be a _static_ inner class?
> 95 class LevelResourceNames implements Comparable<LevelResourceNames>
> {
> 96 final int level;
> 97 final RangerPolicy.RangerPolicyResource policyResource;
> 98
> 99 public LevelResourceNames(int level,
> RangerPolicy.RangerPolicyResource policyResource) {
> 100 this.level = level;
> *** CID 131854: FindBugs: Malicious code vulnerability
> (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
> /ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
> 52 in
> org.apache.ranger.plugin.classloader.RangerPluginClassLoader.getInstance(java.lang.String,
> java.lang.Class)()
> 46 public static RangerPluginClassLoader getInstance(String
> pluginType, Class<?> pluginClass ) throws Exception {
> 47 RangerPluginClassLoader ret = me;
> 48 if ( ret == null) {
> 49 synchronized(RangerPluginClassLoader.class) {
> 50 ret = me;
> 51 if ( ret == null){
> CID 131854: FindBugs: Malicious code vulnerability
> (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
>
> org.apache.ranger.plugin.classloader.RangerPluginClassLoader.getInstance(String,
> Class) creates a
> org.apache.ranger.plugin.classloader.RangerPluginClassLoader classloader,
> which should be performed within a doPrivileged block.
> 52 me = ret = new
> RangerPluginClassLoader(pluginType,pluginClass);
> 53 }
> 54 }
> 55 }
> 56 return ret;
> 57 }
> ** CID 131853: FindBugs: Malicious code vulnerability
> (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
> /ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
> 43 in
> org.apache.ranger.plugin.classloader.RangerPluginClassLoader.<init>(java.lang.String,
> java.lang.Class)()
> ________________________________________________________________________________________________________
> *** CID 131853: FindBugs: Malicious code vulnerability
> (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
> /ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java:
> 43 in
> org.apache.ranger.plugin.classloader.RangerPluginClassLoader.<init>(java.lang.String,
> java.lang.Class)()
> 37 private static MyClassLoader
> componentClassLoader = null;
> 38 //private static ThreadLocal<MyClassLoader>
> componentClassLoader = new ThreadLocal<MyClassLoader>();
> 39
> 40 public RangerPluginClassLoader(String pluginType, Class<?>
> pluginClass ) throws Exception {
> 41
> super(RangerPluginClassLoaderUtil.getInstance().getPluginFilesForServiceTypeAndPluginclass(pluginType,
> pluginClass), null);
> 42 //componentClassLoader.set(new
> MyClassLoader(Thread.currentThread().getContextClassLoader()));
> CID 131853: FindBugs: Malicious code vulnerability
> (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
> new org.apache.ranger.plugin.classloader.RangerPluginClassLoader(String,
> Class) creates a
> org.apache.ranger.plugin.classloader.RangerPluginClassLoader$MyClassLoader
> classloader, which should be performed within a doPrivileged block.
> 43 componentClassLoader = new
> MyClassLoader(Thread.currentThread().getContextClassLoader());
> 44 }
> 45
> 46 public static RangerPluginClassLoader getInstance(String
> pluginType, Class<?> pluginClass ) throws Exception {
> 47 RangerPluginClassLoader ret = me;
> 48 if ( ret == null) {
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
