Description
Fix issues reported by coverity test in Ranger Plugin ClassLoader
-
- CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java: 266 in ()
- CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
________________________________________________________________________________________________________
-
-
- CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java: 266 in ()
260 @Override
261 public Class<?> findClass(String name) throws ClassNotFoundException { 262 return super.findClass(name); 263 }264 }
265
CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
Should org.apache.ranger.plugin.classloader.RangerPluginClassLoader$MergeEnumeration be a static inner class?
266 class MergeEnumeration implements Enumeration<URL> {
267
268 Enumeration<URL> e1 = null;
269 Enumeration<URL> e2 = null;
270
271 public MergeEnumeration(Enumeration<URL> e1, Enumeration<URL> e2 ) {
- CID 131860: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
-
-
- CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java: 95 in ()
- CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
________________________________________________________________________________________________________
-
-
- CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
/agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerOptimizedPolicyEvaluator.java: 95 in ()
89
90 if(LOG.isDebugEnabled()) { 91 LOG.debug("<== RangerOptimizedPolicyEvaluator.init()"); 92 }93 }
94
CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
Should org.apache.ranger.plugin.policyevaluator.RangerOptimizedPolicyEvaluator$LevelResourceNames be a static inner class?
95 class LevelResourceNames implements Comparable<LevelResourceNames> {
96 final int level;
97 final RangerPolicy.RangerPolicyResource policyResource;
98
99 public LevelResourceNames(int level, RangerPolicy.RangerPolicyResource policyResource) {
100 this.level = level;
- CID 131859: FindBugs: Performance (FB.SIC_INNER_SHOULD_BE_STATIC)
-
-
-
- CID 131854: FindBugs: Malicious code vulnerability (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java: 52 in org.apache.ranger.plugin.classloader.RangerPluginClassLoader.getInstance(java.lang.String, java.lang.Class)()
46 public static RangerPluginClassLoader getInstance(String pluginType, Class<?> pluginClass ) throws Exception {
47 RangerPluginClassLoader ret = me;
48 if ( ret == null) {
49 synchronized(RangerPluginClassLoader.class)Unknown macro: {50 ret = me;51 if ( ret == null){ CID 131854: FindBugs: Malicious code vulnerability (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED) org.apache.ranger.plugin.classloader.RangerPluginClassLoader.getInstance(String, Class) creates a org.apache.ranger.plugin.classloader.RangerPluginClassLoader classloader, which should be performed within a doPrivileged block. 52 me = ret = new RangerPluginClassLoader(pluginType,pluginClass); 53 }54 }55 }
56 return ret;
57 }
- CID 131854: FindBugs: Malicious code vulnerability (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
-
-
- CID 131853: FindBugs: Malicious code vulnerability (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java: 43 in org.apache.ranger.plugin.classloader.RangerPluginClassLoader.<init>(java.lang.String, java.lang.Class)()
- CID 131853: FindBugs: Malicious code vulnerability (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
________________________________________________________________________________________________________
-
-
- CID 131853: FindBugs: Malicious code vulnerability (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoader.java: 43 in org.apache.ranger.plugin.classloader.RangerPluginClassLoader.<init>(java.lang.String, java.lang.Class)()
37 private static MyClassLoader componentClassLoader = null;
38 //private static ThreadLocal<MyClassLoader> componentClassLoader = new ThreadLocal<MyClassLoader>();
39
40 public RangerPluginClassLoader(String pluginType, Class<?> pluginClass ) throws Exception { 41 super(RangerPluginClassLoaderUtil.getInstance().getPluginFilesForServiceTypeAndPluginclass(pluginType, pluginClass), null); 42 //componentClassLoader.set(new MyClassLoader(Thread.currentThread().getContextClassLoader())); CID 131853: FindBugs: Malicious code vulnerability (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED) new org.apache.ranger.plugin.classloader.RangerPluginClassLoader(String, Class) creates a org.apache.ranger.plugin.classloader.RangerPluginClassLoader$MyClassLoader classloader, which should be performed within a doPrivileged block. 43 componentClassLoader = new MyClassLoader(Thread.currentThread().getContextClassLoader()); 44 }45
46 public static RangerPluginClassLoader getInstance(String pluginType, Class<?> pluginClass ) throws Exception {
47 RangerPluginClassLoader ret = me;
48 if ( ret == null) {
- CID 131853: FindBugs: Malicious code vulnerability (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)
-
Attachments
Issue Links
- is related to
-
RANGER-586 Ranger plugins should not add dependent libraries to component's CLASSPATH
-
- Resolved
-