This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push: new 7031427 Backport false positive fixes 7031427 is described below commit 7031427cd4decf20ebbede3e4a25bc0e63157853 Author: Mark Thomas <ma...@apache.org> AuthorDate: Mon Oct 19 16:10:20 2020 +0100 Backport false positive fixes --- res/findbugs/filter-false-positives.xml | 57 ++++++++++++++++++++++++--------- 1 file changed, 42 insertions(+), 15 deletions(-) diff --git a/res/findbugs/filter-false-positives.xml b/res/findbugs/filter-false-positives.xml index 5dd4e2c..19aab07 100644 --- a/res/findbugs/filter-false-positives.xml +++ b/res/findbugs/filter-false-positives.xml @@ -407,21 +407,6 @@ </Or> </Match> <Match> - <!-- Name shadowing is intentional --> - <Or> - <Class name="org.apache.catalina.servlet4preview.AsyncContext"/> - <Class name="org.apache.catalina.servlet4preview.RequestDispatcher"/> - <Class name="org.apache.catalina.servlet4preview.ServletContext"/> - <Class name="org.apache.catalina.servlet4preview.http.HttpServletRequest"/> - </Or> - <Bug pattern="NM_SAME_SIMPLE_NAME_AS_INTERFACE"/> - </Match> - <Match> - <!-- Name shadowing is intentional --> - <Class name="org.apache.catalina.servlet4preview.http.HttpServletRequestWrapper"/> - <Bug pattern="NM_SAME_SIMPLE_NAME_AS_SUPERCLASS"/> - </Match> - <Match> <!-- The header value is safe --> <Class name="org.apache.catalina.servlets.DefaultServlet" /> <Method name="doDirectoryRedirect" /> @@ -553,6 +538,12 @@ <Bug code="NP" /> </Match> <Match> + <!-- Domain resolution not an issue here --> + <Class name="org.apache.catalina.startup.WebappServiceLoader" /> + <Method name="load" /> + <Bug pattern="DMI_COLLECTION_OF_URLS" /> + </Match> + <Match> <!-- Deployer instance may implement Listener --> <Class name="org.apache.catalina.storeconfig.CatalinaClusterSF" /> <Method name="storeChildren" /> @@ -714,6 +705,15 @@ <Bug code="SQL" /> </Match> <Match> + <!-- NO-OPs due to remaining FIXMEs --> + <Class name="org.apache.catalina.valves.rewrite.ResolverImpl"/> + <Method name="resolveSsl"/> + <Or> + <Bug pattern="DLS_DEAD_LOCAL_STORE"/> + <Bug pattern="RV_RETURN_VALUE_IGNORED"/> + </Or> + </Match> + <Match> <!-- request.getQueryString() can be null because o.a.t.util.buf.MessageBytes.toString() can return NULL --> <Class name="org.apache.catalina.valves.rewrite.RewriteValve"/> @@ -1030,6 +1030,12 @@ </Or> </Match> <Match> + <!-- Sync protects writing not reading --> + <Class name="org.apache.tomcat.dbcp.dbcp2.BasicDataSource" /> + <Field name="closed" /> + <Bug pattern="IS2_INCONSISTENT_SYNC" /> + </Match> + <Match> <!-- Return value is never used --> <Class name="org.apache.tomcat.dbcp.dbcp2.DelegatingConnection" /> <Method name="prepareStatement" /> @@ -1320,6 +1326,12 @@ <Bug code="SF" /> </Match> <Match> + <!-- Returns null by design --> + <Class name="org.apache.tomcat.util.http.parser.EntityTag" /> + <Method name="compareEntityTag"/> + <Bug pattern="NP_BOOLEAN_RETURN_NULL" /> + </Match> + <Match> <!-- Hiding of field in superclass is deliberate --> <Class name="org.apache.tomcat.util.modeler.NotificationInfo"/> <Field name="info" /> @@ -1880,6 +1892,12 @@ <Bug pattern="ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD"/> </Match> <Match> + <!-- Test code - and e3choing a header should be safe anyway --> + <Class name="org.apache.coyote.http11.upgrade.TestUpgrade$UpgradeServlet"/> + <Method name="doGet"/> + <Bug pattern="HRS_REQUEST_PARAMETER_TO_HTTP_HEADER"/> + </Match> + <Match> <!-- Latch isn't essential so no need to check return --> <Class name="org.apache.coyote.http2.TestAsyncTimeout"/> <Method name="testTimeout"/> @@ -2075,6 +2093,12 @@ </Or> </Match> <Match> + <!-- Array contents is not mutated --> + <Class name="org.apache.tomcat.websocket.pojo.TestEncodingDecoding$MsgByte"/> + <Field name="data"/> + <Bug pattern="VO_VOLATILE_REFERENCE_TO_ARRAY"/> + </Match> + <Match> <!-- Return value of latch is intentionally ignored --> <Or> <Class name="org.apache.tomcat.websocket.TestWebSocketFrameClient"/> @@ -2114,6 +2138,9 @@ <Method name="testEgMailingList04" /> <Method name="testEgMailingList05" /> <Method name="testQuote2" /> + <Method name="testSpecIssue194a" /> + <Method name="testSpecIssue194b" /> + <Method name="testSpecIssue194c" /> </Or> <Bug pattern="DLS_DEAD_LOCAL_STORE"/> </Match> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org