[
https://issues.apache.org/jira/browse/RANGER-847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15149082#comment-15149082
]
Bolke de Bruin commented on RANGER-847:
---------------------------------------
I will pick this up, but I wonder: only the last one was introduced by me (not
checking for null) the rest was already in place. Are these scans new?
> Fix code scan issues
> --------------------
>
> Key: RANGER-847
> URL: https://issues.apache.org/jira/browse/RANGER-847
> Project: Ranger
> Issue Type: Bug
> Affects Versions: 0.6.0
> Reporter: Velmurugan Periasamy
> Assignee: Bolke de Bruin
> Fix For: 0.6.0
>
>
> Coverity scan reports below issues. Need to be fixed.
> {noformat}
> CID 135584: (FB.DM_DEFAULT_ENCODING)
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 179 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 271 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 179 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> 173 private void buildUnixUserList(String command) throws Throwable
> {
> 174 BufferedReader reader = null;
> 175
> 176 if (!useNss) {
> 177 File file = new File(UNIX_USER_PASSWORD_FILE);
> 178 passwordFileModifiedAt = file.lastModified();
> CID 135584: (FB.DM_DEFAULT_ENCODING)
> Found reliance on default encoding: new java.io.FileReader(File).
> 179 reader = new BufferedReader(new
> FileReader(file)) ;
> 180 } else {
> 181 Process process = Runtime.getRuntime().exec(
> 182 new String[]{"bash", "-c",
> command});
> 183
> 184 reader = new BufferedReader(new
> InputStreamReader(process.getInputStream()));
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 271 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> 265
> 266 // "id" is same across Linux / BSD /
> MacOSX
> 267 // gids are used as id might return
> groups with spaces, ie "domain users"
> 268 Process process =
> Runtime.getRuntime().exec(
> 269 new String[]{"bash",
> "-c", "id -G " + entry.getKey()});
> 270
> CID 135584: (FB.DM_DEFAULT_ENCODING)
> Another occurrence here
> 271 reader = new BufferedReader(new
> InputStreamReader(process.getInputStream()));
> 272 line = reader.readLine();
> 273 reader.close();
> 274
> 275 LOG.debug("id -G returned " + line);
> 276
> {noformat}
> {noformat}
> CID 135583: (FB.DM_DEFAULT_ENCODING)
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 349 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
> java.lang.String, boolean)()
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 412 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
> java.lang.String, boolean)()
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 349 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
> java.lang.String, boolean)()
> 343 LOG.debug("Start enumerating groups");
> 344 BufferedReader reader;
> 345
> 346 if (!useNss) {
> 347 File file = new File(UNIX_GROUP_FILE);
> 348 groupFileModifiedAt = file.lastModified();
> CID 135583: (FB.DM_DEFAULT_ENCODING)
> Found reliance on default encoding: new java.io.FileReader(File).
> 349 reader = new BufferedReader(new
> FileReader(file)) ;
> 350 } else {
> 351 Process process = Runtime.getRuntime().exec(
> 352 new String[]{"bash", "-c",
> allGroupsCmd});
> 353 reader = new BufferedReader(new
> InputStreamReader(process.getInputStream()));
> 354 }
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 412 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
> java.lang.String, boolean)()
> 406 for (String group : groups) {
> 407 String command =
> String.format(groupCmd, group);
> 408 String[] cmd = new String[]{"bash",
> "-c", command + " '" + group + "'"};
> 409 LOG.debug("Executing: " +
> Arrays.toString(cmd));
> 410
> 411 Process process =
> Runtime.getRuntime().exec(cmd);
> CID 135583: (FB.DM_DEFAULT_ENCODING)
> Another occurrence here
> 412 reader = new BufferedReader(new
> InputStreamReader(process.getInputStream()));
> 413 line = reader.readLine();
> 414 reader.close();
> 415 LOG.debug("bash -c " + command + " for
> group " + group + " returned " + line);
> 416
> 417 parseMembers(line);
> {noformat}
> {noformat}
> CID 135582: Exceptional resource leaks (RESOURCE_LEAK)
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 358 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixGroupList(java.lang.String,
> java.lang.String, boolean)()
> 352 new String[]{"bash", "-c",
> allGroupsCmd});
> 353 reader = new BufferedReader(new
> InputStreamReader(process.getInputStream()));
> 354 }
> 355
> 356 String line = null;
> 357
> CID 135582: Exceptional resource leaks (RESOURCE_LEAK)
> Variable "reader" going out of scope leaks the resource it refers to.
> 358 while ((line = reader.readLine()) != null) {
> 359 if (line.trim().isEmpty())
> 360 continue;
> 361
> 362 parseMembers(line);
> 363 }
> {noformat}
> {noformat}
> CID 135581: Exceptional resource leaks (RESOURCE_LEAK)
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 190 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> 184 reader = new BufferedReader(new
> InputStreamReader(process.getInputStream()));
> 185 }
> 186
> 187 String line = null;
> 188 Map<String,String> userName2uid = new
> HashMap<String,String>();
> 189
> CID 135581: Exceptional resource leaks (RESOURCE_LEAK)
> Variable "reader" going out of scope leaks the resource it refers to.
> 190 while ((line = reader.readLine()) != null) {
> 191 if (line.trim().isEmpty())
> 192 continue;
> 193
> 194 String[] tokens = line.split(":");
> 195
> {noformat}
> {noformat}
> CID 135579: Null pointer dereferences (NULL_RETURNS)
> /ugsync/src/main/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilder.java:
> 277 in
> org.apache.ranger.unixusersync.process.UnixUserGroupBuilder.buildUnixUserList(java.lang.String)()
> 271 reader = new BufferedReader(new
> InputStreamReader(process.getInputStream()));
> 272 line = reader.readLine();
> 273 reader.close();
> 274
> 275 LOG.debug("id -G returned " + line);
> 276
> CID 135579: Null pointer dereferences (NULL_RETURNS)
> Calling a method on null object "line".
> 277 if (line.trim().isEmpty()) {
> 278 LOG.warn("User " +
> entry.getKey() + " could not be resolved");
> 279 continue;
> 280 }
> 281
> 282 String[] gids = line.split(" ");
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
