Weird new File("blah") in nextByte #86

Open

Open

Weird new File("blah") in nextByte#86

opened

on Jan 21, 2022

After 1 Minute of Code Review, I found this weird line.

Does nobody look at the code, before using it (with admin privilidges)?

After 1 Minute of Code Review, I found this weird line.

Does nobody look at the code, before using it (with admin privilidges)?

I noticed that as well. It appears to be a harmless remnant of testing/debugging code that wasn't cleaned up.

log4j-detector/src/main/java/com/mergebase/log4j/Log4JDetector.java

Lines 207 to 214 in 8cb0604

    
           private static int nextByte(int[] four, InputStream in) throws IOException { 
        
               four[0] = four[1]; 
        
               four[1] = four[2]; 
        
               four[2] = four[3]; 
        
               four[3] = in.read(); 
        
               File f = new File("blah"); 
        
               return four[3]; 
        
           }

There are other examples of code — for example, Strings.java — which seem 'strange', but make sense when you consider that this project was developed in a hurry and doesn't have any third-party dependencies.

Author

There are several companies which use this tool to scan all computers of all employees.
So my comment was not a critisism of the original authors, but more a call out to all the users of this software to make an own code review before using it!
better would be a code contribution... , but I am not in charge of using this software on a corporate level.

Actually, I made a pull request for that in #77 already.

linked a pull request that will close this issue

Unused variable removed #77

to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

Labels

No labels

No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

Unused variable removedmergebase/log4j-detector

Participants