diff options
author | Ram Koya <rk541m@att.com> | 2018-09-17 14:31:54 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2018-09-17 14:31:54 +0000 |
commit | 1298e6487340fcb1644c4a0a7e06026d156bdf8f (patch) | |
tree | ad1155906ab952ffcc57b0eb92ffa2912c53b893 | |
parent | 6d10bed2c0a833ae38d49efe8df0b74c825633e8 (diff) | |
parent | e5231e1f3585144e1f8bfab9d62733b8a43c3f9d (diff) |
Merge "Fix new sonar vulnerabilities"
6 files changed, 29 insertions, 17 deletions
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java index 61845cef..10aea782 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java @@ -245,8 +245,12 @@ public class InternalServlet extends ProxyServlet { } if (path.equals("/prov")) { if (isProxyOK(req) && isProxyServer()) { - if (super.doGetWithFallback(req, resp)) { - return; + try { + if (super.doGetWithFallback(req, resp)) { + return; + } + } catch (IOException ioe) { + intlogger.error("Error: " + ioe.getMessage()); } // fall back to returning the local data if the remote is unreachable intlogger.info("Active server unavailable; falling back to local copy."); @@ -469,9 +473,13 @@ public class InternalServlet extends ProxyServlet { } InputStream is = req.getInputStream(); ByteArrayOutputStream bos = new ByteArrayOutputStream(); - int ch = 0; - while ((ch = is.read()) >= 0) { - bos.write(ch); + int ch; + try { + while ((ch = is.read()) >= 0) { + bos.write(ch); + } + } catch (IOException ioe) { + intlogger.error("Error: " + ioe.getMessage()); } RLEBitSet bs = new RLEBitSet(bos.toString()); // The set of records to retrieve elr.setResult(HttpServletResponse.SC_OK); diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java index 8d6bfcf0..66a9d42b 100755 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java @@ -109,8 +109,7 @@ public class ProxyServlet extends BaseServlet { try (FileInputStream instream = new FileInputStream(new File(store))) { ks.load(instream, pass.toCharArray()); } catch (FileNotFoundException fileNotFoundException) { - System.err.println("ProxyServlet: " + fileNotFoundException); - fileNotFoundException.printStackTrace(); + intlogger.error("ProxyServlet: " + fileNotFoundException.getMessage()); } catch (Exception x) { System.err.println("READING TRUSTSTORE: " + x); } diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Feed.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Feed.java index c08bce57..9c060d5e 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Feed.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Feed.java @@ -72,8 +72,9 @@ public class Feed extends Syncable { try {
DB db = new DB();
Connection conn = db.getConnection();
- try(Statement stmt = conn.createStatement()) {
- try(ResultSet rs = stmt.executeQuery("select COUNT(*) from FEEDS where FEEDID = " + id)) {
+ try(PreparedStatement stmt = conn.prepareStatement("select COUNT(*) from FEEDS where FEEDID = ?")) {
+ stmt.setInt(1, id);
+ try(ResultSet rs = stmt.executeQuery()) {
if (rs.next()) {
count = rs.getInt(1);
}
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Group.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Group.java index a460d647..91d6c1b4 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Group.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Group.java @@ -133,14 +133,15 @@ public class Group extends Syncable { }
public static Collection<String> getGroupsByClassfication(String classfication) {
- List<String> list = new ArrayList<String>();
- String sql = "select * from GROUPS where classification = '" + classfication + "'";
+ List<String> list = new ArrayList<>();
+ String sql = "select * from GROUPS where classification = ?";
try {
DB db = new DB();
@SuppressWarnings("resource")
Connection conn = db.getConnection();
- try(Statement stmt = conn.createStatement()) {
- try(ResultSet rs = stmt.executeQuery(sql)) {
+ try(PreparedStatement stmt = conn.prepareStatement(sql)) {
+ stmt.setString(1, classfication);
+ try(ResultSet rs = stmt.executeQuery()) {
while (rs.next()) {
int groupid = rs.getInt("groupid");
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java index 3e8c90b4..b2378218 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java @@ -118,9 +118,9 @@ public class Parameters extends Syncable { DB db = new DB();
@SuppressWarnings("resource")
Connection conn = db.getConnection();
- try(Statement stmt = conn.createStatement()) {
- String sql = "select KEYNAME, VALUE from PARAMETERS where KEYNAME = '" + k + "'";
- try(ResultSet rs = stmt.executeQuery(sql)) {
+ try(PreparedStatement stmt = conn.prepareStatement("select KEYNAME, VALUE from PARAMETERS where KEYNAME = ?")) {
+ stmt.setString(1, k);
+ try(ResultSet rs = stmt.executeQuery()) {
if (rs.next()) {
v = new Parameters(rs);
}
diff --git a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberProps.java b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberProps.java index 39ab166b..329c06a5 100644 --- a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberProps.java +++ b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberProps.java @@ -26,9 +26,12 @@ package org.onap.dmaap.datarouter.subscriber; import java.io.IOException; import java.util.Properties; +import org.apache.log4j.Logger; + public class SubscriberProps { private static SubscriberProps instance = null; + private static Logger subLogger = Logger.getLogger("org.onap.dmaap.datarouter.subscriber.internal"); private Properties properties; private SubscriberProps(String propsPath) throws IOException{ @@ -42,7 +45,7 @@ public class SubscriberProps { try { instance = new SubscriberProps(propsPath); } catch (IOException ioe) { - ioe.printStackTrace(); + subLogger.error("IO Exception: " + ioe.getMessage()); } } return instance; |