From b6977d2f7ce64ece732ac1a1a0525dac972d7ccf Mon Sep 17 00:00:00 2001 From: Jim Hahn Date: Wed, 17 Feb 2021 15:23:38 -0500 Subject: Fix sonars in apex-pdp Addressed the following issues: - initialize mocks before use - use parameterized queries - Random() is not secure - provide parameterized type for generics - unused imports - constructor visibility - use compute() instead of containsKey()/put() - make final fields static - rename constants to all upper case - no assert() in Thread.run() methods - nested try - nested if/else - too many break/continue - use try-with-resources - repeatable annotations - overlapping characters in reg ex - hashcode is not sufficient in compareTo() - need equals() with compareTo() - make class an interface - use parameterized test - multiple calls in assert() - log or re-throw - use different type of lambda - use parameterized logging - use StringBuilder instead of concatenation - use StandardCharsets.UTF_8 Issue-ID: POLICY-2906 Change-Id: I2cf8c885e3e22c2c6cbe6403a34906928afad022 Signed-off-by: Jim Hahn --- .../infrastructure/java/classes/ClassUtils.java | 71 ++++++++++++++-------- .../messaging/impl/ws/RawMessageHandler.java | 18 +----- .../messaging/util/MessagingUtils.java | 29 +-------- 3 files changed, 49 insertions(+), 69 deletions(-) (limited to 'core/core-infrastructure') diff --git a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/java/classes/ClassUtils.java b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/java/classes/ClassUtils.java index aa3adf4d0..03bedce81 100644 --- a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/java/classes/ClassUtils.java +++ b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/java/classes/ClassUtils.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,6 +25,7 @@ import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; +import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.net.URL; import java.net.URLClassLoader; @@ -91,33 +93,7 @@ public abstract class ClassUtils { URL[] urls = ((URLClassLoader) ClassLoader.getSystemClassLoader()).getURLs(); // Try get the classes in the bootstrap loader - try { - final Class nullclassloader = Class.forName("sun.misc.Launcher"); - if (nullclassloader != null) { - Method mmethod = nullclassloader.getMethod("getBootstrapClassPath"); - if (mmethod != null) { - final Object cp = mmethod.invoke(null, (Object[]) null); - if (cp != null) { - mmethod = cp.getClass().getMethod("getURLs"); - if (mmethod != null) { - final URL[] moreurls = (URL[]) (mmethod.invoke(cp, (Object[]) null)); - if (moreurls != null && moreurls.length > 0) { - if (urls.length == 0) { - urls = moreurls; - } else { - final URL[] result = Arrays.copyOf(urls, urls.length + moreurls.length); - System.arraycopy(moreurls, 0, result, urls.length, moreurls.length); - urls = result; - } - } - } - } - } - // end long way! - } - } catch (final ClassNotFoundException e) { - LOGGER.warn("Failed to find default path for JRE libraries", e); - } + urls = getClassesFromBootstrapLoader(urls); // Iterate over the class path entries for (final URL url : urls) { @@ -141,6 +117,47 @@ public abstract class ClassUtils { return classNameSet; } + private static URL[] getClassesFromBootstrapLoader(URL[] urls) + throws NoSuchMethodException, IllegalAccessException, InvocationTargetException { + try { + final Class nullclassloader = Class.forName("sun.misc.Launcher"); + if (nullclassloader == null) { + return urls; + } + + Method mmethod = nullclassloader.getMethod("getBootstrapClassPath"); + if (mmethod == null) { + return urls; + } + + final Object cp = mmethod.invoke(null, (Object[]) null); + if (cp == null) { + return urls; + } + + mmethod = cp.getClass().getMethod("getURLs"); + if (mmethod == null) { + return urls; + } + + final URL[] moreurls = (URL[]) (mmethod.invoke(cp, (Object[]) null)); + if (moreurls == null || moreurls.length == 0) { + return urls; + } + + if (urls.length == 0) { + return moreurls; + } else { + final URL[] result = Arrays.copyOf(urls, urls.length + moreurls.length); + System.arraycopy(moreurls, 0, result, urls.length, moreurls.length); + return result; + } + } catch (final ClassNotFoundException e) { + LOGGER.warn("Failed to find default path for JRE libraries", e); + return urls; + } + } + /** * Find all classes in directories and JARs in those directories. * diff --git a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/impl/ws/RawMessageHandler.java b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/impl/ws/RawMessageHandler.java index acd7bdfea..0493eafb5 100644 --- a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/impl/ws/RawMessageHandler.java +++ b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/impl/ws/RawMessageHandler.java @@ -2,6 +2,7 @@ * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. * Modifications Copyright (C) 2019-2020 Nordix Foundation. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -158,29 +159,16 @@ public class RawMessageHandler implements WebSocketMessageListener, Runnab while ((messageBlock = messageBlockQueue.poll(1, TimeUnit.MILLISECONDS)) != null) { dataHandler.post(messageBlock); } - } catch (final InterruptedException e) { - // restore the interrupt status - Thread.currentThread().interrupt(); - LOGGER.debug(RAW_MESSAGE_LISTENING_INTERRUPTED); - break; - } - try { // Read string messages from the queue and pass it to the data handler String stringMessage = null; while ((stringMessage = stringMessageQueue.poll(1, TimeUnit.MILLISECONDS)) != null) { dataHandler.post(stringMessage); } - } catch (final InterruptedException e) { - // restore the interrupt status - Thread.currentThread().interrupt(); - LOGGER.debug(RAW_MESSAGE_LISTENING_INTERRUPTED); - break; - } - // Wait for new messages - try { + // Wait for new messages Thread.sleep(QUEUE_POLL_TIMEOUT); + } catch (final InterruptedException e) { // restore the interrupt status Thread.currentThread().interrupt(); diff --git a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/util/MessagingUtils.java b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/util/MessagingUtils.java index 463e85f3e..bda1f870c 100644 --- a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/util/MessagingUtils.java +++ b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/util/MessagingUtils.java @@ -2,6 +2,7 @@ * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. * Modifications Copyright (C) 2019 Nordix Foundation. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -218,37 +219,11 @@ public final class MessagingUtils { public static byte[] serializeObject(final Object object) { LOGGER.entry(object.getClass().getName()); final ByteArrayOutputStream bytesOut = new ByteArrayOutputStream(); - ObjectOutputStream oos = null; - try { - oos = new ObjectOutputStream(bytesOut); + try (ObjectOutputStream oos = new ObjectOutputStream(bytesOut)) { oos.writeObject(object); } catch (final IOException e) { LOGGER.warn("error on object serialization", e); - } finally { - flushAndClose(oos, bytesOut); } return bytesOut.toByteArray(); } - - /** - * Flush and close an object stream and a byte array output stream. - * - * @param oos the object output stream - * @param bytesOut the byte array output stream - */ - private static void flushAndClose(final ObjectOutputStream oos, final ByteArrayOutputStream bytesOut) { - try { - if (oos != null) { - oos.flush(); - oos.close(); - } - if (bytesOut != null) { - bytesOut.close(); - } - - } catch (final IOException e) { - LOGGER.error("Failed to close the Srialization operation"); - LOGGER.catching(e); - } - } } -- cgit 1.2.3-korg