emopers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Title: | |
| JUnitXMLReporter does not synchronize the two synchronized collections when iterating | |
| Body: | |
| In lines 177 and 180 of JUnitXMLReporter, synchronized collections m_configIssues and m_allTests | |
| are both iterated in an unsynchronized manner, but according to Oracle Java 7 API specification | |
| (http://docs.oracle.com/javase/7/docs/api/java/util/Collections.html#synchronizedList(java.util.List)), | |
| although a synchronizedList is thread-safe for list manipulations like insertion and deletion, | |
| manual synchronization is required when the collection is iterated. | |
| Failure to do so might result in non-deterministic behavior. | |
| This pull request adds a fix by synchronizing m_configIssues and m_allTests when iterating. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Title: | |
| HttpUnitUtils does not check the validity of input String | |
| Body: | |
| HttpUnitUtils.java directly calls 'st.nextToken()' on 'java.util.StringTokenizer st' | |
| without checking if there are more tokens. Because 'st' is built from the String header | |
| that can be invalid (e.g., an empty String), this can lead to a runtime exception | |
| without a useful error message. This pull request adds an error message and a test. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Title: | |
| Examiner does not check the validity of input JavaSource | |
| Body: | |
| Examiner.java calls 'scanner.next()' on 'java.util.Scanner scanner' without checking | |
| if there are more elements. Because the scanner is built from the JavaSource parameter | |
| that can be invalid (e.g., an empty source), this can lead to a runtime exception | |
| without a useful error message. This pull request adds an error message and a test. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Title: | |
| DefaultConverterLookup does not synchronize iteration on a synchronized map | |
| Body: | |
| In DefaultConverterLookup.java:59, the synchronized map, typeToConverterMap, is iterated over in an unsynchronized manner, but according to the [Oracle Java 7 API specification](http://docs.oracle.com/javase/7/docs/api/java/util/Collections.html#synchronizedMap%28java.util.Map%29), | |
| this is not thread-safe and can lead to non-deterministic behavior. This pull request adds a fix by synchronizing the iteration on typeToConverterMap. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Title: | |
| TransportConnection does not synchronize iteration on synchronized list | |
| Body: | |
| In TransportConnection.java:861, the synchronized list returned by cs.getTempDestinations() is iterated | |
| in an unsynchronized manner, but according to the [Oracle Java 7 API specification](http://docs.oracle.com/javase/7/docs/api/java/util/Collections.html#synchronizedList(java.util.List)), | |
| this is not thread-safe and can lead to non-deterministic behavior. This pull request adds a fix by synchronizing the iteration on the list returned by cs.getTempDestinations(). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Title: | |
| ZoneInfoCompiler$Zone does not check validity of input file | |
| Body: | |
| In org.joda.time.tz.ZoneInfoCompiler.java, the number of elements in the StringTokenier obtained from parsing the timezone file is not checked. There is an assumption that the input TimeZone file | |
| will always be valid, leading to runtime exceptions with no good error message when the file is invalid. This pull request adds a potential fix | |
| and a test for this issue. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Title: | |
| Examiner does not check the validity of input JavaSource | |
| Body: | |
| In Examiner.java, findAndSetPackage method calls 'scanner.next()' on 'java.util.Scanner scanner' without checking | |
| if there are more elements. Because the scanner is built from the JavaSource parameter | |
| that can be invalid (e.g., an empty source), this can lead to a runtime exception | |
| without a useful error message. This pull request adds an error message and a test. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Title: SshHelper does not catch IllegalArgumentException | |
| Body: | |
| SshHelper.java calls `java.net.InetSocketAddress` without first | |
| checking that port number is within range of valid port values (0 to 65535, inclusive). | |
| This cause an uncaught `IllegalArgumentException`: [Oracle Java 7 API specification](http://docs.oracle.com/javase/7/docs/api/java/net/InetSocketAddress.html#InetSocketAddress%28int%29). | |
| This pull request adds a check and a test for this issue. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Title: LongInterval does not catch NumberFormatException | |
| Body: | |
| LongInterval.java calls `java.lang.long.parseLong` without first | |
| checking whether the argument parses. This | |
| lead to an uncaught `NumberFormateException`: [Oracle Java 7 API specification](http://docs.oracle.com/javase/7/docs/api/java/lang/Long.html#parseLong%28java.lang.String,%20int%29). | |
| This pull request adds a check and a test for this issue. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Improvement in property ## | |
| Socket_Timeout property [here](http://bit.ly/1m5K3bc) checks that timeout value must be > 0. | |
| While [Javadoc7] (http://bit.ly/22maOIZ) specified that "A timeout of zero is interpreted as an infinite timeout". | |
| So if I want my socket to wait untill connection is established, I will use zero timeout. | |
| Property should check for timeout value >= 0. | |
OlderNewer