aboutsummaryrefslogtreecommitdiffstats
path: root/datarouter-prov
diff options
context:
space:
mode:
authorConor Ward <conor.ward@ericsson.com>2018-09-14 06:55:06 +0000
committerConor Ward <conor.ward@ericsson.com>2018-09-14 06:55:06 +0000
commite5231e1f3585144e1f8bfab9d62733b8a43c3f9d (patch)
tree4d6809569d141c4c82d79c9b8ce7202685776065 /datarouter-prov
parentd6c28ce28b8c66fe9784af894cf9385f6d2c8e76 (diff)
Fix new sonar vulnerabilities
Change-Id: I56258ef54bbe44ff1c172ab51d19f251adb7aaf4 Signed-off-by: Conor Ward <conor.ward@ericsson.com> Issue-ID: DMAAP-771
Diffstat (limited to 'datarouter-prov')
-rw-r--r--datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java18
-rwxr-xr-xdatarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java3
-rw-r--r--datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Feed.java5
-rw-r--r--datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Group.java9
-rw-r--r--datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java6
5 files changed, 25 insertions, 16 deletions
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java
index 61845cef..10aea782 100644
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java
@@ -245,8 +245,12 @@ public class InternalServlet extends ProxyServlet {
}
if (path.equals("/prov")) {
if (isProxyOK(req) && isProxyServer()) {
- if (super.doGetWithFallback(req, resp)) {
- return;
+ try {
+ if (super.doGetWithFallback(req, resp)) {
+ return;
+ }
+ } catch (IOException ioe) {
+ intlogger.error("Error: " + ioe.getMessage());
}
// fall back to returning the local data if the remote is unreachable
intlogger.info("Active server unavailable; falling back to local copy.");
@@ -469,9 +473,13 @@ public class InternalServlet extends ProxyServlet {
}
InputStream is = req.getInputStream();
ByteArrayOutputStream bos = new ByteArrayOutputStream();
- int ch = 0;
- while ((ch = is.read()) >= 0) {
- bos.write(ch);
+ int ch;
+ try {
+ while ((ch = is.read()) >= 0) {
+ bos.write(ch);
+ }
+ } catch (IOException ioe) {
+ intlogger.error("Error: " + ioe.getMessage());
}
RLEBitSet bs = new RLEBitSet(bos.toString()); // The set of records to retrieve
elr.setResult(HttpServletResponse.SC_OK);
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java
index 8d6bfcf0..66a9d42b 100755
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java
@@ -109,8 +109,7 @@ public class ProxyServlet extends BaseServlet {
try (FileInputStream instream = new FileInputStream(new File(store))) {
ks.load(instream, pass.toCharArray());
} catch (FileNotFoundException fileNotFoundException) {
- System.err.println("ProxyServlet: " + fileNotFoundException);
- fileNotFoundException.printStackTrace();
+ intlogger.error("ProxyServlet: " + fileNotFoundException.getMessage());
} catch (Exception x) {
System.err.println("READING TRUSTSTORE: " + x);
}
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Feed.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Feed.java
index c08bce57..9c060d5e 100644
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Feed.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Feed.java
@@ -72,8 +72,9 @@ public class Feed extends Syncable {
try {
DB db = new DB();
Connection conn = db.getConnection();
- try(Statement stmt = conn.createStatement()) {
- try(ResultSet rs = stmt.executeQuery("select COUNT(*) from FEEDS where FEEDID = " + id)) {
+ try(PreparedStatement stmt = conn.prepareStatement("select COUNT(*) from FEEDS where FEEDID = ?")) {
+ stmt.setInt(1, id);
+ try(ResultSet rs = stmt.executeQuery()) {
if (rs.next()) {
count = rs.getInt(1);
}
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Group.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Group.java
index a460d647..91d6c1b4 100644
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Group.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Group.java
@@ -133,14 +133,15 @@ public class Group extends Syncable {
}
public static Collection<String> getGroupsByClassfication(String classfication) {
- List<String> list = new ArrayList<String>();
- String sql = "select * from GROUPS where classification = '" + classfication + "'";
+ List<String> list = new ArrayList<>();
+ String sql = "select * from GROUPS where classification = ?";
try {
DB db = new DB();
@SuppressWarnings("resource")
Connection conn = db.getConnection();
- try(Statement stmt = conn.createStatement()) {
- try(ResultSet rs = stmt.executeQuery(sql)) {
+ try(PreparedStatement stmt = conn.prepareStatement(sql)) {
+ stmt.setString(1, classfication);
+ try(ResultSet rs = stmt.executeQuery()) {
while (rs.next()) {
int groupid = rs.getInt("groupid");
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java
index 3e8c90b4..b2378218 100644
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java
@@ -118,9 +118,9 @@ public class Parameters extends Syncable {
DB db = new DB();
@SuppressWarnings("resource")
Connection conn = db.getConnection();
- try(Statement stmt = conn.createStatement()) {
- String sql = "select KEYNAME, VALUE from PARAMETERS where KEYNAME = '" + k + "'";
- try(ResultSet rs = stmt.executeQuery(sql)) {
+ try(PreparedStatement stmt = conn.prepareStatement("select KEYNAME, VALUE from PARAMETERS where KEYNAME = ?")) {
+ stmt.setString(1, k);
+ try(ResultSet rs = stmt.executeQuery()) {
if (rs.next()) {
v = new Parameters(rs);
}