Fix 2 findbugs SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRI… #476
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…NG warnings in ConfigurationManagerImpl.java
|
cloudstack-pull-requests #479 SUCCESS |
| @@ -926,7 +926,7 @@ protected void checkIfPodIsDeletable(final long podId) { | |||
| dbName = "cloud"; | |||
| } | |||
|
|
|||
| String selectSql = "SELECT * FROM `" + dbName + "`.`" + tableName + "` WHERE " + column + " = ?"; | |||
| String selectSql = "SELECT * FROM `?`.`?` WHERE ? = ?"; | |||
|
|
|||
| if(tableName.equals("vm_instance")) { | |||
| selectSql += " AND state != '" + VirtualMachine.State.Expunging.toString() + "' AND removed IS NULL"; | |||
Member
There was a problem hiding this comment.
should we also move the state to a variable?
Contributor
Author
There was a problem hiding this comment.
shouldn't be necessary :)
findbugs is smart enough to check that the returned string is static and cannot be polluted by user input
that's only not the case for other variables that it can't track the origin
Member
There was a problem hiding this comment.
wondering why are we even using a prepareStatement here (and doing a fix to satisfy findbugs). Why dont we use createStatement() and execute sql directly?
Member
|
@bhaisaab did travis CI run on the updated PR? |
Member
|
@bhaisaab ignore my previous comment. looks like code change was in the other PR. |
kishankavala
pushed a commit
to kishankavala/cloudstack
that referenced
this pull request
Jun 25, 2015
…NG warnings in ConfigurationManagerImpl.java Signed-off-by: Rohit Yadav <[email protected]> This closes apache#476
yadvr
pushed a commit
that referenced
this pull request
Jan 20, 2021
Fixes #476 Signed-off-by: Rohit Yadav <[email protected]>
weizhouapache
pushed a commit
to weizhouapache/cloudstack
that referenced
this pull request
Sep 27, 2024
…update_time_fix Host capacity calculation: use VM creation time if update time is null
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
…NG warnings in ConfigurationManagerImpl.java