Skip to content

Added new inputlocation for downloading jars from maven#1045

Merged
kadirayk merged 9 commits intodevelopfrom
NewInputLocation
Sep 5, 2024
Merged

Added new inputlocation for downloading jars from maven#1045
kadirayk merged 9 commits intodevelopfrom
NewInputLocation

Conversation

@palaniappan1
Copy link
Copy Markdown
Collaborator

@palaniappan1 palaniappan1 commented Aug 29, 2024

No description provided.

marcus-h
marcus-h reviewed Aug 29, 2024
View reviewed changes
...ecode/src/main/java/sootup/java/bytecode/inputlocation/DownloadJarAnalysisInputLocation.java Outdated
HttpURLConnection connection;
String tempDirPath = System.getProperty("java.io.tmpdir");
String filename = downloadURL.substring(downloadURL.lastIndexOf("/") + 1);
File file = new File(tempDirPath, filename);
Copy link
Copy Markdown
Collaborator

@marcus-h marcus-h Aug 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm shouldn't we use a real tmpfile? Writing to arbitrary files in the tmpdir
is not so nice:)

Copy link
Copy Markdown
Collaborator Author

@palaniappan1 palaniappan1 Aug 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the real temp file, tmp directory by JVM.

Copy link
Copy Markdown
Collaborator

@marcus-h marcus-h Aug 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A user could have intentionally created a file called /tmp/foo-1.2.3.jar,
which is then overwritten by the downloader. IMHO, we shouldn't do that.
Let's use a "real" tmpfile, which is created, for instance, via
Files.createTempFile(...).

marcus-h
marcus-h reviewed Aug 29, 2024
View reviewed changes
...ecode/src/main/java/sootup/java/bytecode/inputlocation/DownloadJarAnalysisInputLocation.java Outdated
}
}
} catch (IOException e) {
throw new RuntimeException(e);
Copy link
Copy Markdown
Collaborator

@marcus-h marcus-h Aug 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm maybe an UncheckedIOException?

Copy link
Copy Markdown
Collaborator Author

@palaniappan1 palaniappan1 Aug 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think Unchecked is really needed here. Simple file operations, so IOException itself is enough i think.

Copy link
Copy Markdown
Collaborator

@marcus-h marcus-h Aug 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was talking about "new RuntimeException(e)" vs. "new UncheckedIOException(e)".

@kadirayk kadirayk merged commit 1322060 into develop Sep 5, 2024
@kadirayk kadirayk deleted the NewInputLocation branch September 5, 2024 12:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marcus-h marcus-h marcus-h left review comments

@swissiety swissiety swissiety approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@palaniappan1 @marcus-h @swissiety @kadirayk