hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yufei Gu (JIRA)" <j...@apache.org>
Subject [jira] [Created] (YARN-6506) Fix the code vulnerability of org.apache.hadoop.yarn.sls.SLSRunner.simulateInfoMap
Date Fri, 21 Apr 2017 04:29:04 GMT
Yufei Gu created YARN-6506:
------------------------------

             Summary: Fix the code vulnerability of org.apache.hadoop.yarn.sls.SLSRunner.simulateInfoMap
                 Key: YARN-6506
                 URL: https://issues.apache.org/jira/browse/YARN-6506
             Project: Hadoop YARN
          Issue Type: Sub-task
          Components: scheduler-load-simulator
            Reporter: Yufei Gu


It is reported by findbugs in YARN-6423.

MS_MUTABLE_COLLECTION: Field is a mutable collection

A mutable collection instance is assigned to a final static field, thus can be changed by
malicious code or by accident from another package. Consider wrapping this field into Collections.unmodifiableSet/List/Map/etc.
to avoid this vulnerability.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message