[GR-14133] Fix relevant issues identified by Fortify report.

Part 1 - the high issues.

Author: ppisl

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/builtins/modules/BuiltinConstructors.java

@@ -181,6 +181,7 @@
 import com.oracle.truffle.api.object.Shape;
 import com.oracle.truffle.api.profiles.BranchProfile;
 import com.oracle.truffle.api.profiles.ConditionProfile;
+import java.util.Locale;
 
 @CoreFunctions(defineModule = "builtins")
 public final class BuiltinConstructors extends PythonBuiltins {
@@ -758,7 +759,7 @@ private double convertStringToDouble(String str) {
             }
             try {
                 // Double.valueOf allows format specifier ("d" or "f") at the end
-                String lowSval = sval.toLowerCase();
+                String lowSval = sval.toLowerCase(Locale.ENGLISH);
                 if (lowSval.equals("nan") || lowSval.equals("+nan") || lowSval.equals("-nan")) {
                     return Double.NaN;
                 } else if (lowSval.equals("inf") || lowSval.equals("+inf") || lowSval.equals("infinity") || lowSval.equals("+infinity")) {

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/builtins/modules/PosixModuleBuiltins.java

@@ -135,6 +135,7 @@
 import com.oracle.truffle.api.profiles.ValueProfile;
 import com.sun.security.auth.UnixNumericGroupPrincipal;
 import com.sun.security.auth.UnixNumericUserPrincipal;
+import java.util.Locale;
 
 @CoreFunctions(defineModule = "posix")
 public class PosixModuleBuiltins extends PythonBuiltins {
@@ -1285,7 +1286,7 @@ PTuple waitpid(Object pid, Object options) {
     @GenerateNodeFactory
     @TypeSystemReference(PythonArithmeticTypes.class)
     abstract static class SystemNode extends PythonBuiltinNode {
-        static final String[] shell = System.getProperty("os.name").toLowerCase().startsWith("windows") ? new String[]{"cmd.exe", "/c"}
+        static final String[] shell = System.getProperty("os.name").toLowerCase(Locale.ENGLISH).startsWith("windows") ? new String[]{"cmd.exe", "/c"}
                         : new String[]{(System.getenv().getOrDefault("SHELL", "sh")), "-c"};
 
         static class PipePump extends Thread {

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/builtins/objects/zipimporter/PZipImporter.java

@@ -200,8 +200,9 @@ protected String makePackagePath(String fullname) {
      */
     @CompilerDirectives.TruffleBoundary
     private String getCode(String filenameAndSuffix) {
+        ZipFile zip = null; 
         try {
-            ZipFile zip = new ZipFile(archive);
+            zip = new ZipFile(archive);
             ZipEntry entry = zip.getEntry(filenameAndSuffix);
             InputStream in = zip.getInputStream(entry);
 
@@ -217,7 +218,15 @@ private String getCode(String filenameAndSuffix) {
             return code.toString();
         } catch (IOException e) {
             throw new RuntimeException("Can not read code from " + makePackagePath(filenameAndSuffix), e);
-        }
+        } finally {
+            if (zip != null) {
+                try {
+                    zip.close();
+                } catch (IOException e) {
+                    // just ignore it. 
+                }
+            }
+        } 
     }
 
     /**

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/builtins/objects/zipimporter/ZipImporterBuiltins.java

@@ -324,8 +324,9 @@ public PBytes doit(PZipImporter self, String pathname) {
             if (fileSize < 0) {
                 throw raise(PythonErrorType.ZipImportError, "negative data size");
             }
+            ZipFile zip = null;
             try {
-                ZipFile zip = new ZipFile(archive);
+                zip = new ZipFile(archive);
                 ZipEntry entry = zip.getEntry(key);
                 InputStream in = zip.getInputStream(entry);
                 int byteSize = (int) fileSize;
@@ -341,9 +342,16 @@ public PBytes doit(PZipImporter self, String pathname) {
                 return factory().createBytes(bytes);
             } catch (IOException e) {
                 throw raise(PythonErrorType.ZipImportError, "zipimport: can't read data");
-            }
+            } finally {
+                if (zip != null) {
+                    try {
+                        zip.close();
+                    } catch (IOException e) {
+                        // just ignore it. 
+                    }
+                }
+            }   
         }
-
     }
 
     @Builtin(name = "get_filename", minNumOfPositionalArgs = 2)

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/parser/PythonTreeTranslator.java

@@ -640,35 +640,31 @@ private PNode parseString(String[] strings) {
                 }
             }
 
+            if (text.endsWith("'''") || text.endsWith("\"\"\"")) {
+                strStartIndex += 2;
+                strEndIndex -= 2;
+            }
+
+            text = text.substring(strStartIndex, strEndIndex);
             if (isBytes) {
                 if (sb != null) {
                     throw errors.raise(SyntaxError, "cannot mix bytes and nonbytes literals");
                 }
                 if (bb == null) {
                     bb = new BytesBuilder();
                 }
+                if (isRaw) {
+                    bb.append(text.getBytes());
+                } else {
+                    bb.append(BytesUtils.fromString(errors, text));
+                }
             } else {
                 if (bb != null) {
                     throw errors.raise(SyntaxError, "cannot mix bytes and nonbytes literals");
                 }
                 if (sb == null) {
                     sb = new StringBuilder();
                 }
-            }
-
-            if (text.endsWith("'''") || text.endsWith("\"\"\"")) {
-                strStartIndex += 2;
-                strEndIndex -= 2;
-            }
-
-            text = text.substring(strStartIndex, strEndIndex);
-            if (isBytes) {
-                if (isRaw) {
-                    bb.append(text.getBytes());
-                } else {
-                    bb.append(BytesUtils.fromString(errors, text));
-                }
-            } else {
                 if (isRaw) {
                     sb.append(text);
                 } else {