New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resolve numerous high/medium Coverity findings #469
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks, some comments
for (ColumnFamilyDefinition cf : cluster.describeKeyspace(keySpaceName).getColumnFamilyList()) { | ||
ks.truncateColumnFamily(new ColumnFamily<Object, Object>(cf.getName(), null, null)); | ||
final KeyspaceDefinition keyspaceDefinition = cluster.describeKeyspace(keySpaceName); | ||
if (keyspaceDefinition != null) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (keyspaceDefinition == null) {
return;
}
ks.truncateColumnFamily(new ColumnFamily<Object, Object>(cf.getName(), null, null)); | ||
final KeyspaceDefinition keyspaceDefinition = cluster.describeKeyspace(keySpaceName); | ||
if (keyspaceDefinition != null) { | ||
for (ColumnFamilyDefinition cf : keyspaceDefinition.getColumnFamilyList()) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
un-nest from if
@@ -669,6 +669,7 @@ public void commit(final Collection<InternalRelation> addedRelations, | |||
if (logTransaction) { | |||
//[FAILURE] Inability to log transaction fails the transaction by escalation since it's likely due to unavailability of primary | |||
//storage backend. | |||
assert txLog != null; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why assert and not Preconditions.checkState? recall we/I was burned a long time ago regarding silent asserts in custom vertex id logic.
@@ -366,8 +366,10 @@ public void run() { | |||
try { | |||
for (Map.Entry<Long, Map<String, Object>> vprop : properties) { | |||
Vertex v = tx.getVertex(vprop.getKey()); | |||
for (Map.Entry<String, Object> prop : vprop.getValue().entrySet()) { | |||
v.property(VertexProperty.Cardinality.single, prop.getKey(), prop.getValue()); | |||
if (v != null) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if v == null continue
and then un-nest the below.
@@ -46,7 +46,9 @@ public CacheEdge(long id, EdgeLabel label, InternalVertex start, InternalVertex | |||
} | |||
|
|||
public Direction getVertexCentricDirection() { | |||
return data.getCache().direction; | |||
final RelationCache cache = data.getCache(); | |||
assert cache != null; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Preconditions.checkState(cache != null) ?
""; | ||
final RelationType relationType = | ||
RelationTypeIndex.class.isAssignableFrom(index.getClass()) ? ((RelationTypeIndex) index).getType() : null; | ||
final String relationTypeName = relationType == null ? "" : relationType.name(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
externalize the empty string?
@@ -146,7 +146,7 @@ private static Conf configureByClasspath(String mapredJarFilename) { | |||
for (String cpentry : classpath.split(File.pathSeparator)) { | |||
if (cpentry.toLowerCase().endsWith(".jar") || cpentry.toLowerCase().endsWith(".properties")) { | |||
paths.add(new Path(cpentry)); | |||
if (cpentry.toLowerCase().endsWith(mrj)); | |||
if (cpentry.toLowerCase().endsWith(mrj)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
use braces
@sjudeng also can you update the linked issues and convert the lists to checkboxes so we can track what is done and what is not done yet? |
@@ -43,7 +43,7 @@ public IndexFeatures(boolean supportsDocumentTTL, Mapping defaultMap, ImmutableS | |||
String wildcardField, ImmutableSet<Cardinality> supportedCardinaities, boolean supportsNanoseconds, | |||
boolean supportCustomAnalyzer, boolean supportsGeoContains) { | |||
|
|||
Preconditions.checkArgument(defaultMap!=null || defaultMap!=Mapping.DEFAULT); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why are we dropping the second check here? Was this meant to be &&
instead of ||
, perhaps?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. I guess defaultMap==Mapping.DEFAULT
wouldn't make sense. Incidentally I don't see any usages of the defaultMap (accessor is not covered according to codecov).
@@ -146,7 +146,7 @@ private static Conf configureByClasspath(String mapredJarFilename) { | |||
for (String cpentry : classpath.split(File.pathSeparator)) { | |||
if (cpentry.toLowerCase().endsWith(".jar") || cpentry.toLowerCase().endsWith(".properties")) { | |||
paths.add(new Path(cpentry)); | |||
if (cpentry.toLowerCase().endsWith(mrj)); | |||
if (cpentry.toLowerCase().endsWith(mrj)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a behavior change — while it's most likely correct and the ;
was a typo, it will now do assignments conditionally, whereas before, it would be unconditional.
Does this have potential to break some MapReduce workflows as a result? Should it be documented in release notes or otherwise that this is, while a correct change, is a potential issue to watch out for when upgrading from Titan to JanusGraph or from previous JanusGraph release to later ones?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mbrukman Good point. But we might be okay. It definitely looks like a bug but more importantly it doesn't look like the actual JAR selected by this routine is relevant. The only usage originates from Hadoop2Compat where there's a comment that the actual JAR name (which corresponds to mapredJarFilename
or mrj
here) doesn't matter. I think if it did we would be seeing issues in Hadoop jobs since the incorrect job JAR is being used.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM +1
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor question.
@@ -40,7 +41,7 @@ public static void main(String args[]) throws IOException { | |||
System.exit(1); | |||
} | |||
|
|||
log.info("Checking " + args[0]); | |||
log.info("Checking configuration file"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would it make sense to still print out the value of argv[0]
here so that it's clear from the logs which file path is being validated? Otherwise, this log line might not be useful in isolation, when the user doesn't know the full path to the file that's being checked.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mbrukman I updated to instead sanitize the input (and make a deep copy of the characters to clear the Fortify finding).
a45fe5b
to
b4f0f83
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The PR looks good overall, thanks for fixing all of these issues! One question/comment below.
|
||
} catch (IllegalArgumentException | NullPointerException e) { } | ||
|
||
if (s != null) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I understand that you're cleaning up Coverity findings here, but there's a cleaner way of writing tests that expect to fail, with a particular exception, e.g.,
More details on both approaches (as well as historic workarounds): https://blog.goyello.com/2015/10/01/different-ways-of-testing-exceptions-in-java-and-junit/
My recommendation here would be to factor out the tests that are expected to fail into separate test methods, one for each invalid input (since each one fails in a different way). Since this is technically a Coverity cleanup PR, and not a test cleanup PR, it's up to you whether you want to fix it now, or add a TODO comment / file an issue to clean it up as a follow-up change.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mbrukman Pushed fix to clean this up
…ify findings. Signed-off-by: sjudeng <sjudeng@users.noreply.github.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@@ -313,10 +314,10 @@ private static final String getAbsolutePath(final File configParent, String file | |||
File storedir = new File(file); | |||
if (!storedir.isAbsolute()) { | |||
String newFile = configParent.getAbsolutePath() + File.separator + file; | |||
log.debug("Overwrote relative path: was {}, now {}", file, newFile); | |||
log.debug("Overwrote relative path: was {}, now {}", sanitizeAndLaunder(file), sanitizeAndLaunder(newFile)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @sjudeng ,
I am trying to solve same problem in my project.
As fortify says "An attacker could take advantage of this behavior to forge log entries or inject malicious content into the log." and by looking at you code how com parsing each char of your string and build the string is going to help us prevent injecting?
Or is this method is just to suppress fortify scan?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @vin0010. As you note there are two issues, one is mitigating the risk of log forging and the other is resolving the Fortify finding. Currently the sanitize implementation is minimal and just replaces newline characters, though this could definitely be extended to be more robust. The second part of the implementation recreates the string, which was still needed to clear the Fortify finding in this case even after sanitizing.
Resolve numerous high/medium Coverity findings
Resolve numerous high/medium Coverity findings
Also fixes some of the Fortify findings in #50 and #52 but not all the findings in those issues are fixed so the issues should remain open.