Resolve numerous high/medium Coverity findings #469
Conversation
| for (ColumnFamilyDefinition cf : cluster.describeKeyspace(keySpaceName).getColumnFamilyList()) { | ||
| ks.truncateColumnFamily(new ColumnFamily<Object, Object>(cf.getName(), null, null)); | ||
| final KeyspaceDefinition keyspaceDefinition = cluster.describeKeyspace(keySpaceName); | ||
| if (keyspaceDefinition != null) { |
There was a problem hiding this comment.
if (keyspaceDefinition == null) {
return;
}
| ks.truncateColumnFamily(new ColumnFamily<Object, Object>(cf.getName(), null, null)); | ||
| final KeyspaceDefinition keyspaceDefinition = cluster.describeKeyspace(keySpaceName); | ||
| if (keyspaceDefinition != null) { | ||
| for (ColumnFamilyDefinition cf : keyspaceDefinition.getColumnFamilyList()) { |
| @@ -669,6 +669,7 @@ public void commit(final Collection<InternalRelation> addedRelations, | |||
| if (logTransaction) { | |||
| //[FAILURE] Inability to log transaction fails the transaction by escalation since it's likely due to unavailability of primary | |||
| //storage backend. | |||
| assert txLog != null; | |||
There was a problem hiding this comment.
why assert and not Preconditions.checkState? recall we/I was burned a long time ago regarding silent asserts in custom vertex id logic.
| @@ -366,8 +366,10 @@ public void run() { | |||
| try { | |||
| for (Map.Entry<Long, Map<String, Object>> vprop : properties) { | |||
| Vertex v = tx.getVertex(vprop.getKey()); | |||
| for (Map.Entry<String, Object> prop : vprop.getValue().entrySet()) { | |||
| v.property(VertexProperty.Cardinality.single, prop.getKey(), prop.getValue()); | |||
| if (v != null) { | |||
There was a problem hiding this comment.
if v == null continue
and then un-nest the below.
| @@ -46,7 +46,9 @@ public CacheEdge(long id, EdgeLabel label, InternalVertex start, InternalVertex | |||
| } | |||
|
|
|||
| public Direction getVertexCentricDirection() { | |||
| return data.getCache().direction; | |||
| final RelationCache cache = data.getCache(); | |||
| assert cache != null; | |||
There was a problem hiding this comment.
Preconditions.checkState(cache != null) ?
| ""; | ||
| final RelationType relationType = | ||
| RelationTypeIndex.class.isAssignableFrom(index.getClass()) ? ((RelationTypeIndex) index).getType() : null; | ||
| final String relationTypeName = relationType == null ? "" : relationType.name(); |
| @@ -146,7 +146,7 @@ private static Conf configureByClasspath(String mapredJarFilename) { | |||
| for (String cpentry : classpath.split(File.pathSeparator)) { | |||
| if (cpentry.toLowerCase().endsWith(".jar") || cpentry.toLowerCase().endsWith(".properties")) { | |||
| paths.add(new Path(cpentry)); | |||
| if (cpentry.toLowerCase().endsWith(mrj)); | |||
| if (cpentry.toLowerCase().endsWith(mrj)) | |||
|
@sjudeng also can you update the linked issues and convert the lists to checkboxes so we can track what is done and what is not done yet? |
| @@ -43,7 +43,7 @@ public IndexFeatures(boolean supportsDocumentTTL, Mapping defaultMap, ImmutableS | |||
| String wildcardField, ImmutableSet<Cardinality> supportedCardinaities, boolean supportsNanoseconds, | |||
| boolean supportCustomAnalyzer, boolean supportsGeoContains) { | |||
|
|
|||
| Preconditions.checkArgument(defaultMap!=null || defaultMap!=Mapping.DEFAULT); | |||
There was a problem hiding this comment.
Why are we dropping the second check here? Was this meant to be && instead of ||, perhaps?
There was a problem hiding this comment.
Thanks. I guess defaultMap==Mapping.DEFAULT wouldn't make sense. Incidentally I don't see any usages of the defaultMap (accessor is not covered according to codecov).
| @@ -146,7 +146,7 @@ private static Conf configureByClasspath(String mapredJarFilename) { | |||
| for (String cpentry : classpath.split(File.pathSeparator)) { | |||
| if (cpentry.toLowerCase().endsWith(".jar") || cpentry.toLowerCase().endsWith(".properties")) { | |||
| paths.add(new Path(cpentry)); | |||
| if (cpentry.toLowerCase().endsWith(mrj)); | |||
| if (cpentry.toLowerCase().endsWith(mrj)) | |||
There was a problem hiding this comment.
This is a behavior change — while it's most likely correct and the ; was a typo, it will now do assignments conditionally, whereas before, it would be unconditional.
Does this have potential to break some MapReduce workflows as a result? Should it be documented in release notes or otherwise that this is, while a correct change, is a potential issue to watch out for when upgrading from Titan to JanusGraph or from previous JanusGraph release to later ones?
There was a problem hiding this comment.
@mbrukman Good point. But we might be okay. It definitely looks like a bug but more importantly it doesn't look like the actual JAR selected by this routine is relevant. The only usage originates from Hadoop2Compat where there's a comment that the actual JAR name (which corresponds to mapredJarFilename or mrj here) doesn't matter. I think if it did we would be seeing issues in Hadoop jobs since the incorrect job JAR is being used.
| @@ -40,7 +41,7 @@ public static void main(String args[]) throws IOException { | |||
| System.exit(1); | |||
| } | |||
|
|
|||
| log.info("Checking " + args[0]); | |||
| log.info("Checking configuration file"); | |||
There was a problem hiding this comment.
Would it make sense to still print out the value of argv[0] here so that it's clear from the logs which file path is being validated? Otherwise, this log line might not be useful in isolation, when the user doesn't know the full path to the file that's being checked.
There was a problem hiding this comment.
@mbrukman I updated to instead sanitize the input (and make a deep copy of the characters to clear the Fortify finding).
sjudeng
force-pushed
the
scan-fixes
branch
3 times, most recently
from
a45fe5b
to
b4f0f83
Compare
|
|
||
| } catch (IllegalArgumentException | NullPointerException e) { } | ||
|
|
||
| if (s != null) { |
There was a problem hiding this comment.
I understand that you're cleaning up Coverity findings here, but there's a cleaner way of writing tests that expect to fail, with a particular exception, e.g.,
More details on both approaches (as well as historic workarounds): https://blog.goyello.com/2015/10/01/different-ways-of-testing-exceptions-in-java-and-junit/
My recommendation here would be to factor out the tests that are expected to fail into separate test methods, one for each invalid input (since each one fails in a different way). Since this is technically a Coverity cleanup PR, and not a test cleanup PR, it's up to you whether you want to fix it now, or add a TODO comment / file an issue to clean it up as a follow-up change.
There was a problem hiding this comment.
@mbrukman Pushed fix to clean this up
…ify findings. Signed-off-by: sjudeng <sjudeng@users.noreply.github.com>
| @@ -313,10 +314,10 @@ private static final String getAbsolutePath(final File configParent, String file | |||
| File storedir = new File(file); | |||
| if (!storedir.isAbsolute()) { | |||
| String newFile = configParent.getAbsolutePath() + File.separator + file; | |||
| log.debug("Overwrote relative path: was {}, now {}", file, newFile); | |||
| log.debug("Overwrote relative path: was {}, now {}", sanitizeAndLaunder(file), sanitizeAndLaunder(newFile)); | |||
There was a problem hiding this comment.
Hi @sjudeng ,
I am trying to solve same problem in my project.
As fortify says "An attacker could take advantage of this behavior to forge log entries or inject malicious content into the log." and by looking at you code how com parsing each char of your string and build the string is going to help us prevent injecting?
Or is this method is just to suppress fortify scan?
There was a problem hiding this comment.
Hi @vin0010. As you note there are two issues, one is mitigating the risk of log forging and the other is resolving the Fortify finding. Currently the sanitize implementation is minimal and just replaces newline characters, though this could definitely be extended to be more robust. The second part of the implementation recreates the string, which was still needed to clear the Fortify finding in this case even after sanitizing.
Resolve numerous high/medium Coverity findings
Resolve numerous high/medium Coverity findings
Also fixes some of the Fortify findings in #50 and #52 but not all the findings in those issues are fixed so the issues should remain open.