Fix Parameters Vulnerabilities

Change-Id: I0774c1a592f9daf5c09f4d0935a9ee862a834e51
Signed-off-by: Mariusz Sobucki <mariusz.sobucki@ericsson.com>
Issue-ID: DMAAP-775

diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java
index b237821..4d2c9d1 100644 (file)
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/Parameters.java
@@ -35,13 +35,14 @@ import org.json.JSONObject;
 import org.onap.dmaap.datarouter.provisioning.utils.DB;\r
 \r
 /**\r
- * Methods to provide access to Provisioning parameters in the DB.\r
- * This class also provides constants of the standard parameters used by the Data Router.\r
+ * Methods to provide access to Provisioning parameters in the DB. This class also provides constants of the standard\r
+ * parameters used by the Data Router.\r
  *\r
  * @author Robert Eby\r
  * @version $Id: Parameters.java,v 1.11 2014/03/12 19:45:41 eby Exp $\r
  */\r
 public class Parameters extends Syncable {\r
+\r
     public static final String PROV_REQUIRE_SECURE = "PROV_REQUIRE_SECURE";\r
     public static final String PROV_REQUIRE_CERT = "PROV_REQUIRE_CERT";\r
     public static final String PROV_AUTH_ADDRESSES = "PROV_AUTH_ADDRESSES";\r
@@ -90,9 +91,9 @@ public class Parameters extends Syncable {
             DB db = new DB();\r
             @SuppressWarnings("resource")\r
             Connection conn = db.getConnection();\r
-            try(Statement stmt = conn.createStatement()) {\r
+            try (Statement stmt = conn.createStatement()) {\r
                 String sql = "select * from PARAMETERS";\r
-                try(ResultSet rs = stmt.executeQuery(sql)) {\r
+                try (ResultSet rs = stmt.executeQuery(sql)) {\r
                     while (rs.next()) {\r
                         Parameters p = new Parameters(rs);\r
                         coll.add(p);\r
@@ -101,7 +102,7 @@ public class Parameters extends Syncable {
             }\r
             db.release(conn);\r
         } catch (SQLException e) {\r
-            e.printStackTrace();\r
+            intlogger.error("SQLException " + e.getMessage());\r
         }\r
         return coll;\r
     }\r
@@ -118,9 +119,10 @@ public class Parameters extends Syncable {
             DB db = new DB();\r
             @SuppressWarnings("resource")\r
             Connection conn = db.getConnection();\r
-            try(PreparedStatement stmt = conn.prepareStatement("select KEYNAME, VALUE from PARAMETERS where KEYNAME = ?")) {\r
+            try (PreparedStatement stmt = conn\r
+                    .prepareStatement("select KEYNAME, VALUE from PARAMETERS where KEYNAME = ?")) {\r
                 stmt.setString(1, k);\r
-                try(ResultSet rs = stmt.executeQuery()) {\r
+                try (ResultSet rs = stmt.executeQuery()) {\r
                     if (rs.next()) {\r
                         v = new Parameters(rs);\r
                     }\r
@@ -128,7 +130,7 @@ public class Parameters extends Syncable {
             }\r
             db.release(conn);\r
         } catch (SQLException e) {\r
-            e.printStackTrace();\r
+            intlogger.error("SQLException " + e.getMessage());\r
         }\r
         return v;\r
     }\r
@@ -185,14 +187,13 @@ public class Parameters extends Syncable {
         } catch (SQLException e) {\r
             rv = false;\r
             intlogger.warn("PROV0005 doInsert: " + e.getMessage());\r
-            e.printStackTrace();\r
         } finally {\r
             try {\r
-                if(ps!=null) {\r
+                if (ps != null) {\r
                     ps.close();\r
                 }\r
             } catch (SQLException e) {\r
-                e.printStackTrace();\r
+                intlogger.error("SQLException " + e.getMessage());\r
             }\r
         }\r
         return rv;\r
@@ -212,14 +213,13 @@ public class Parameters extends Syncable {
         } catch (SQLException e) {\r
             rv = false;\r
             intlogger.warn("PROV0006 doUpdate: " + e.getMessage());\r
-            e.printStackTrace();\r
         } finally {\r
             try {\r
-                if(ps!=null) {\r
+                if (ps != null) {\r
                     ps.close();\r
                 }\r
             } catch (SQLException e) {\r
-                e.printStackTrace();\r
+                intlogger.error("SQLException " + e.getMessage());\r
             }\r
         }\r
         return rv;\r
@@ -238,14 +238,13 @@ public class Parameters extends Syncable {
         } catch (SQLException e) {\r
             rv = false;\r
             intlogger.warn("PROV0007 doDelete: " + e.getMessage());\r
-            e.printStackTrace();\r
         } finally {\r
             try {\r
-                if(ps!=null) {\r
+                if (ps != null) {\r
                     ps.close();\r
                 }\r
             } catch (SQLException e) {\r
-                e.printStackTrace();\r
+                intlogger.error("SQLException " + e.getMessage());\r
             }\r
         }\r
         return rv;\r
@@ -258,13 +257,16 @@ public class Parameters extends Syncable {
 \r
     @Override\r
     public boolean equals(Object obj) {\r
-        if (!(obj instanceof Parameters))\r
+        if (!(obj instanceof Parameters)) {\r
             return false;\r
+        }\r
         Parameters of = (Parameters) obj;\r
-        if (!keyname.equals(of.keyname))\r
+        if (!keyname.equals(of.keyname)) {\r
             return false;\r
-        if (!value.equals(of.value))\r
+        }\r
+        if (!value.equals(of.value)) {\r
             return false;\r
+        }\r
         return true;\r
     }\r
 \r