Velmurugan Periasamy created RANGER-847:
-------------------------------------------
Summary: Fix code scan issues
Key: RANGER-847
URL: https://issues.apache.org/jira/browse/RANGER-847
Project: Ranger
Issue Type: Bug
Affects Versions: 0.6.0
Reporter: Velmurugan Periasamy
Assignee: Bolke de Bruin
Fix For: 0.6.0
Coverity scan reports below issues. Need to be fixed.
{noformat}
CID 135584: (FB.DM_DEFAULT_ENCODING)
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
179 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
271 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
179 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
173 private void buildUnixUserList(String command) throws Throwable
{
174 BufferedReader reader = null;
175
176 if (!useNss) {
177 File file = new File(UNIX_USER_PASSWORD_FILE);
178 passwordFileModifiedAt = file.lastModified();
CID 135584: (FB.DM_DEFAULT_ENCODING)
Found reliance on default encoding: new java.io.FileReader(File).
179 reader = new BufferedReader(new
FileReader(file)) ;
180 } else {
181 Process process = Runtime.getRuntime().exec(
182 new String[]{"bash", "-c",
command});
183
184 reader = new BufferedReader(new
InputStreamReader(process.getInputStream()));
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
271 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
265
266 // "id" is same across Linux / BSD /
MacOSX
267 // gids are used as id might return
groups with spaces, ie "domain users"
268 Process process =
Runtime.getRuntime().exec(
269 new String[]{"bash",
"-c", "id -G " + entry.getKey()});
270
CID 135584: (FB.DM_DEFAULT_ENCODING)
Another occurrence here
271 reader = new BufferedReader(new
InputStreamReader(process.getInputStream()));
272 line = reader.readLine();
273 reader.close();
274
275 LOG.debug("id -G returned " + line);
276
{noformat}
{noformat}
CID 135583: (FB.DM_DEFAULT_ENCODING)
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
349 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
java.lang.String, boolean)()
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
412 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
java.lang.String, boolean)()
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
349 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
java.lang.String, boolean)()
343 LOG.debug("Start enumerating groups");
344 BufferedReader reader;
345
346 if (!useNss) {
347 File file = new File(UNIX_GROUP_FILE);
348 groupFileModifiedAt = file.lastModified();
CID 135583: (FB.DM_DEFAULT_ENCODING)
Found reliance on default encoding: new java.io.FileReader(File).
349 reader = new BufferedReader(new
FileReader(file)) ;
350 } else {
351 Process process = Runtime.getRuntime().exec(
352 new String[]{"bash", "-c",
allGroupsCmd});
353 reader = new BufferedReader(new
InputStreamReader(process.getInputStream()));
354 }
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
412 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
java.lang.String, boolean)()
406 for (String group : groups) {
407 String command =
String.format(groupCmd, group);
408 String[] cmd = new String[]{"bash",
"-c", command + " '" + group + "'"};
409 LOG.debug("Executing: " +
Arrays.toString(cmd));
410
411 Process process =
Runtime.getRuntime().exec(cmd);
CID 135583: (FB.DM_DEFAULT_ENCODING)
Another occurrence here
412 reader = new BufferedReader(new
InputStreamReader(process.getInputStream()));
413 line = reader.readLine();
414 reader.close();
415 LOG.debug("bash -c " + command + " for
group " + group + " returned " + line);
416
417 parseMembers(line);
{noformat}
{noformat}
CID 135582: Exceptional resource leaks (RESOURCE_LEAK)
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
358 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
java.lang.String, boolean)()
352 new String[]{"bash", "-c",
allGroupsCmd});
353 reader = new BufferedReader(new
InputStreamReader(process.getInputStream()));
354 }
355
356 String line = null;
357
CID 135582: Exceptional resource leaks (RESOURCE_LEAK)
Variable "reader" going out of scope leaks the resource it refers to.
358 while ((line = reader.readLine()) != null) {
359 if (line.trim().isEmpty())
360 continue;
361
362 parseMembers(line);
363 }
{noformat}
{noformat}
CID 135581: Exceptional resource leaks (RESOURCE_LEAK)
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
190 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
184 reader = new BufferedReader(new
InputStreamReader(process.getInputStream()));
185 }
186
187 String line = null;
188 Map<String,String> userName2uid = new
HashMap<String,String>();
189
CID 135581: Exceptional resource leaks (RESOURCE_LEAK)
Variable "reader" going out of scope leaks the resource it refers to.
190 while ((line = reader.readLine()) != null) {
191 if (line.trim().isEmpty())
192 continue;
193
194 String[] tokens = line.split(":");
195
{noformat}
{noformat}
CID 135579: Null pointer dereferences (NULL_RETURNS)
/ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
277 in
org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
271 reader = new BufferedReader(new
InputStreamReader(process.getInputStream()));
272 line = reader.readLine();
273 reader.close();
274
275 LOG.debug("id -G returned " + line);
276
CID 135579: Null pointer dereferences (NULL_RETURNS)
Calling a method on null object "line".
277 if (line.trim().isEmpty()) {
278 LOG.warn("User " +
entry.getKey() + " could not be resolved");
279 continue;
280 }
281
282 String[] gids = line.split(" ");
{noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
