Rajani, The findbugs report recorded that the conversion from the bytes array to a string failed. As a result the database value was ending up as some object.
On 28 January 2014 08:49, Rajani Karuturi <rajani.karut...@citrix.com>wrote: > Hi Ian, > Any reasons for changing the LDAP random password logic? I think this way > it would make it less secure than the previous one. > > Thanks, > ~Rajani > > > > On 28-Jan-2014, at 10:55 am, Ian Duffy <i...@ianduffy.ie> wrote: > > > Hi Animesh, > > > > Can you cherry-pick the below commit from from 4.3-forward to 4.3 branch? > > > > Fix findbug issues within LDAP authenticator > > commit 92b4f66d73562e4211d2d787554ff229dbeb5705 > > > > Thanks, > > Ian > > > > On 28 January 2014 03:48, Animesh Chaturvedi > > <animesh.chaturv...@citrix.com>wrote: > > > >> Hugo I was reviewing your commits to 4.3-forward and looked at your > commits > >> > >> > >> > https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=commit;h=f18c5a1910b6370585a1d61638b8310c3ecba5ef > >> > >> > https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=commit;h=60ac12780bfa1604902a89d5dc7937a8b9334e0d > >> I think you want the last one which has fixes for NetUtils and > >> XenServerStorageMotionStrategy for which you had put -1 in first RC but > the > >> commit includes more files. Can you make limited changes directly to > 4.3? I > >> want to build another RC later tonight > >> > >> Animesh > >> > >> > >> -----Original Message----- > >> From: Animesh Chaturvedi [mailto:animesh.chaturv...@citrix.com] > >> Sent: Monday, January 27, 2014 1:30 PM > >> To: dev@cloudstack.apache.org > >> Subject: RE: Findbugs report on 4.3-forward > >> > >> Agreed > >> > >> We need to fix the most important ones for 4.3. There may be assumptions > >> in the code which we may not know and may get broken if these issues are > >> fixed late. I will pull in the one Hugo casted his -1 for the first > vote, > >> any others? > >> > >> Animesh > >> > >> -----Original Message----- > >> From: David Nalley [mailto:da...@gnsa.us] > >> Sent: Monday, January 27, 2014 11:46 AM > >> To: dev@cloudstack.apache.org > >> Subject: Re: Findbugs report on 4.3-forward > >> > >> So just curious if I am the only one concerned about a ton of fixes > going > >> in at the last minute. If the fixes are for serious bugs and we have > >> consensus around their severity being high enough, indeed lets fix > things. > >> My concern is that much of the QA we do is manual; and while we are > getting > >> better; fixing tons of things at the last minute may have unintended > >> consequences that we don't know about and won't easily find. > >> > >> I yearn for the day when our automated testing is broad enough that we > can > >> do fixes right up to the wire and know that things still work, I am just > >> not sure that I have confidence that we are there yet. > >> Thoughts? I am being paranoid? > >> > >> --David > >> > >> On Mon, Jan 27, 2014 at 3:11 AM, Daan Hoogland <daan.hoogl...@gmail.com > > > >> wrote: > >>> Animesh, I commented the once i made yesterday with findbugs: > >>> > >>> I allready send a few and will get you a list of the rest later today. > >>> > >>> regards, > >>> > >>> On Mon, Jan 27, 2014 at 3:48 AM, Animesh Chaturvedi > >>> <animesh.chaturv...@citrix.com> wrote: > >>>> Good job fellas. I see a number of commits 20+ into 4.3-forward > branch. > >> Are their specific commits you want me to pick up out of these? > >>>> > >>>> Animesh > >>>> > >>>> -----Original Message----- > >>>> From: Daan Hoogland [mailto:daan.hoogl...@gmail.com] > >>>> Sent: Sunday, January 26, 2014 2:41 AM > >>>> To: dev > >>>> Subject: Re: Findbugs report on 4.3-forward > >>>> > >>>> I didn't get very far last night and will be looking at the server > >> package again this afternoon. > >>>> > >>>> bon appétit, > >>>> > >>>> On Sun, Jan 26, 2014 at 1:36 AM, Ian Duffy <i...@ianduffy.ie> wrote: > >>>>> Hi, > >>>>> > >>>>> Fixed the issues highlighted in the ldap user authentication package. > >>>>> > >>>>> Have pushed to 4.3-forward. > >>>>> > >>>>> Thanks, > >>>>> Ian > >>>>> > >>>>> > >>>>> On 25 January 2014 22:26, Daan Hoogland <daan.hoogl...@gmail.com> > >> wrote: > >>>>> > >>>>>>> or reply to this mail with the filename you are working on > >>>>>> I'll be looking at the server package as it seems to contain the > >>>>>> most issues. > >>>>>> > >>>>>> On Sat, Jan 25, 2014 at 4:00 PM, Hugo Trippaers <h...@trippaers.nl> > >> wrote: > >>>>>>> I've also added a job to master with the Findbugs report and the > >>>>>> cobertura code coverage report. > >>>>>>> > >>>>>>> Good stuff, we have a 12% coverage of our classes with unit tests. > >>>>>>> Huge > >>>>>> improvement over the last release where we had 4% iirc. We have 306 > >>>>>> reports from Findbugs, of which the majority are > internationalization > >> issues. > >>>>>> (String.getBytes without charset mostly). On the coverity site we > >>>>>> have > >>>>>> 6000+ issues still open, but at least that number is relatively > >>>>>> 6000+ stable, we > >>>>>> fix as much issues as we introduce and it's untuned so we can > >>>>>> assume a large number of false positives there. > >>>>>>> > >>>>>>> I think that on average the automated tools tell us that code > >>>>>>> quality is > >>>>>> improving, which a good thing. Combined with the functional testing > >>>>>> and the simulator build we can prove that we are doing quite well > >>>>>> on the code quality angle. > >>>>>>> > >>>>>>> http://jenkins.buildacloud.org/job/build-master-slowbuild/ > >>>>>>> > >>>>>>> > >>>>>>> Cheers, > >>>>>>> > >>>>>>> Hugo > >>>>>>> > >>>>>>> > >>>>>>> On 25 jan. 2014, at 14:13, Daan Hoogland > >>>>>>> <daan.hoogl...@gmail.com> > >>>>>> wrote: > >>>>>>> > >>>>>>>> H Hugo, > >>>>>>>> > >>>>>>>> I'll spend some time on it tonight. Do you have a work load > >>>>>>>> distribution scheme or is it random access? > >>>>>>>> ;) > >>>>>>>> > >>>>>>>> regards > >>>>>>>> > >>>>>>>> On Sat, Jan 25, 2014 at 12:39 PM, Hugo Trippaers > >>>>>>>> <h...@trippaers.nl> > >>>>>> wrote: > >>>>>>>>> Hey all, > >>>>>>>>> > >>>>>>>>> I've made Jenkins run the findbugs analysis on 4.3-forward. Is > >>>>>>>>> there > >>>>>> somebody who is willing to help triage the findings? Maybe there is > >>>>>> some stuff that we need to fix? > >>>>>>>>> > >>>>>>>>> the url is > >>>>>> http://jenkins.buildacloud.org/job/cloudstack-4.3-forward-maven-bui > >>>>>> ld > >>>>>> /3/findbugsResult/ > >>>>>>>>> > >>>>>>>>> Cheers, > >>>>>>>>> > >>>>>>>>> Hugo > >>>>>>> > >>>>>> > >> > >
