diff options
author | Jim Hahn <jrh3@att.com> | 2020-06-18 10:42:08 -0400 |
---|---|---|
committer | Jim Hahn <jrh3@att.com> | 2020-06-18 13:34:03 -0400 |
commit | 6c750f414961b3956919ef457d1bf1eb82064d15 (patch) | |
tree | 5d9df6c0f59ba72d584dcd99fb3d9575fc76f5f0 /utils-test/src/main/java | |
parent | 611f63a4bb71d677cf2665b1794e91148ba42a51 (diff) |
More sonar issues in policy-common
Addressed the following sonar issues:
- add parameters to types
- ObjectInputStream.readObject() is unsafe
Issue-ID: POLICY-2650
Change-Id: I41e1bd08643b04f409ce87c884cb0c28995e431b
Signed-off-by: Jim Hahn <jrh3@att.com>
Diffstat (limited to 'utils-test/src/main/java')
-rw-r--r-- | utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java | 10 | ||||
-rw-r--r-- | utils-test/src/main/java/org/onap/policy/common/utils/test/ToStringTester.java | 7 |
2 files changed, 10 insertions, 7 deletions
diff --git a/utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java b/utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java index 9ab26d32..7e09cd96 100644 --- a/utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java +++ b/utils-test/src/main/java/org/onap/policy/common/utils/io/Serializer.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP Policy Engine - Common Modules * ================================================================================ - * Copyright (C) 2018-2019 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2018-2020 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -73,7 +73,7 @@ public class Serializer { * @return the object that was de-serialized from the byte array * @throws IOException if an error occurs */ - public static <T> T deserialize(Class<T> clazz, byte[] data) throws IOException { + private static <T> T deserialize(Class<T> clazz, byte[] data) throws IOException { try (ByteArrayInputStream in = factory.makeByteArrayInputStream(data); ObjectInputStream ois = factory.makeObjectInputStream(in)) { @@ -133,7 +133,11 @@ public class Serializer { */ public Object readObject(ObjectInputStream ois) throws IOException { try { - return ois.readObject(); + /* + * This class is only used by junit tests. In addition, it is only used by + * deserialize(), which has been made "private", thus disabling sonar. + */ + return ois.readObject(); // NOSONAR } catch (ClassNotFoundException e) { throw new IOException(e); diff --git a/utils-test/src/main/java/org/onap/policy/common/utils/test/ToStringTester.java b/utils-test/src/main/java/org/onap/policy/common/utils/test/ToStringTester.java index 18502a35..3890ae95 100644 --- a/utils-test/src/main/java/org/onap/policy/common/utils/test/ToStringTester.java +++ b/utils-test/src/main/java/org/onap/policy/common/utils/test/ToStringTester.java @@ -37,23 +37,22 @@ import org.hamcrest.Matcher; * * @author Ram Krishna Verma (ram.krishna.verma@est.tech) */ -@SuppressWarnings("rawtypes") public class ToStringTester implements Tester { - private final Matcher matcher; + private final Matcher<?> matcher; public ToStringTester() { matcher = anything(); } - public ToStringTester(final Matcher matcher) { + public ToStringTester(final Matcher<?> matcher) { this.matcher = matcher; } @SuppressWarnings("unchecked") @Override public void run(final PojoClass pojoClass) { - final Class clazz = pojoClass.getClazz(); + final Class<?> clazz = pojoClass.getClazz(); if (anyOf(matcher).matches(clazz)) { final Object classInstance = ValidationHelper.getBasicInstance(pojoClass); |