zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From afine <...@git.apache.org>
Subject [GitHub] zookeeper pull request #232: ZOOKEEPER-2731: Cleanup findbug warnings in bra...
Date Tue, 18 Apr 2017 19:51:06 GMT
GitHub user afine opened a pull request:


    ZOOKEEPER-2731: Cleanup findbug warnings in branch-3.4: Malicious code vulnerability Warnings

    There are two interesting parts to this change.
    The first is in the Jute compiler. Fields that are declared buffers (translated to byte[]
in java) now perform a clone in the constructor and while "getting and setting", following
best practice. This prevents accidental changes to arrays once passed into or out of jute
records but may negatively impact memory usage and performance. Would be interested in hearing
if people think this is acceptable.
    The second is in ZooDefs. We are currently declaring our predefined ACL lists with `new
ArrayList<ACL>(Collections.singletonList(new ACL(...`. This seems strange to me as we
appear to be converting a List type to an ArrayList. Would be great if someone could shed
some light on why we do this. I think this logic can be simplified to `Collections.singletonList(new
ACL(...` with the added bonus that the resulting list is immutable (making FindBugs happy).


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/afine/zookeeper ZOOKEEPER-2731

Alternatively you can review and apply these changes as the patch at:


To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #232
commit c5e3900bf768c6b4b1c0a2683be2b08259d328f8
Author: Abraham Fine <afine@apache.org>
Date:   2017-04-18T19:39:46Z

    ZOOKEEPER-2731: Cleanup findbug warnings in branch-3.4: Malicious code vulnerability Warnings


If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.

View raw message