Return-Path: X-Original-To: apmail-cloudstack-issues-archive@www.apache.org Delivered-To: apmail-cloudstack-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id CAB0318233 for ; Thu, 11 Jun 2015 16:03:01 +0000 (UTC) Received: (qmail 5251 invoked by uid 500); 11 Jun 2015 16:03:01 -0000 Delivered-To: apmail-cloudstack-issues-archive@cloudstack.apache.org Received: (qmail 5219 invoked by uid 500); 11 Jun 2015 16:03:01 -0000 Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list issues@cloudstack.apache.org Received: (qmail 5207 invoked by uid 500); 11 Jun 2015 16:03:01 -0000 Delivered-To: apmail-incubator-cloudstack-issues@incubator.apache.org Received: (qmail 5204 invoked by uid 99); 11 Jun 2015 16:03:01 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 11 Jun 2015 16:03:01 +0000 Date: Thu, 11 Jun 2015 16:03:01 +0000 (UTC) From: "ASF GitHub Bot (JIRA)" To: cloudstack-issues@incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (CLOUDSTACK-8551) Findbugs warning in LdapCreateAccountCmd.java and LdapImportUsersCmd.java MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/CLOUDSTACK-8551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14582151#comment-14582151 ] ASF GitHub Bot commented on CLOUDSTACK-8551: -------------------------------------------- Github user DaanHoogland commented on the pull request: https://github.com/apache/cloudstack/pull/388#issuecomment-111184803 LGTM > Findbugs warning in LdapCreateAccountCmd.java and LdapImportUsersCmd.java > ------------------------------------------------------------------------- > > Key: CLOUDSTACK-8551 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8551 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the default.) > Affects Versions: 4.3.0, 4.4.0, 4.5.1 > Reporter: Rajani Karuturi > Assignee: Rajani Karuturi > Labels: ldap > Fix For: 4.6.0 > > > LdapCreateAccountCmd.java:146, DMI_INVOKING_TOSTRING_ON_ARRAY, Priority: High > Invocation of toString on org.bouncycastle.util.encoders.Base64.encode(byte[]) in org.apache.cloudstack.api.command.LdapCreateAccountCmd.generatePassword() > The code invokes toString on an array, which will generate a fairly useless result such as [C@16f0472. Consider using Arrays.toString to convert the array into a readable String that gives the contents of the array. See Programming Puzzlers, chapter 3, puzzle 12. > LdapImportUsersCmd.java:231, DM_DEFAULT_ENCODING, Priority: High > Found reliance on default encoding in org.apache.cloudstack.api.command.LdapImportUsersCmd.generatePassword(): new String(byte[]) > Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable. This will cause the application behaviour to vary between platforms. Use an alternative API and specify a charset name or Charset object explicitly. -- This message was sent by Atlassian JIRA (v6.3.4#6332)