From issues-return-67101-archive-asf-public=cust-asf.ponee.io@commons.apache.org Sun Mar 25 09:07:08 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 6649918063B for ; Sun, 25 Mar 2018 09:07:07 +0200 (CEST) Received: (qmail 13821 invoked by uid 500); 25 Mar 2018 07:07:05 -0000 Mailing-List: contact issues-help@commons.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: issues@commons.apache.org Delivered-To: mailing list issues@commons.apache.org Received: (qmail 13810 invoked by uid 99); 25 Mar 2018 07:07:05 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 25 Mar 2018 07:07:05 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 0175F18030A for ; Sun, 25 Mar 2018 07:07:05 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -110.311 X-Spam-Level: X-Spam-Status: No, score=-110.311 tagged_above=-999 required=6.31 tests=[ENV_AND_HDR_SPF_MATCH=-0.5, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_SPF_WL=-7.5, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id VKEuGK8JBGjM for ; Sun, 25 Mar 2018 07:07:02 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id A1B6E5F4E4 for ; Sun, 25 Mar 2018 07:07:02 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 72813E00E8 for ; Sun, 25 Mar 2018 07:07:00 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 11C48214F5 for ; Sun, 25 Mar 2018 07:07:00 +0000 (UTC) Date: Sun, 25 Mar 2018 07:07:00 +0000 (UTC) From: "Dilraj Singh (JIRA)" To: issues@commons.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Created] (CLI-283) Missing Null pointer checks in CommandLine.java MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 Dilraj Singh created CLI-283: -------------------------------- Summary: Missing Null pointer checks in CommandLine.java Key: CLI-283 URL: https://issues.apache.org/jira/browse/CLI-283 Project: Commons CLI Issue Type: Bug Components: CLI-2.x Affects Versions: 1.4 Reporter: Dilraj Singh - [CommandLine.java #L233 |https://github.com/apache/commons-cli/blob/b0024= d482050a08efc36c3cabee37c0af0e57a10/src/main/java/org/apache/commons/cli/Co= mmandLine.java#L233] Method call to `getValuesList()` returns the possible values of `Option` f= or which it is called as List or returns `null`. In case it returns `null`,= `addAll()` method call on type `List` with `null` as an argument will lead= to a NullPointerException. This can be prevented by explicitly checking an= d handling the cases when it might return null. I have made changes for the= same - [CommandLine.java #L260 |https://github.com/apache/commons-cli/blob/b002= 4d482050a08efc36c3cabee37c0af0e57a10/src/main/java/org/apache/commons/cli/C= ommandLine.java#L260] As per the implementation of `stripLeadingHyphens(String)`, there exists c= ases when it might return `null`. And calling `equals` method on a null ret= urn value ([#L263 |https://github.com/apache/commons-cli/blob/b0024d482050a= 08efc36c3cabee37c0af0e57a10/src/main/java/org/apache/commons/cli/CommandLin= e.java#L263]) will lead to null pointer exception. So as to prevent this I = have made changes to explicitly return null in case `stripLeadingHyphens` r= eturns null - [CommandLine.java #L472 |https://github.com/apache/commons-cli/blob/b002= 4d482050a08efc36c3cabee37c0af0e57a10/src/main/java/org/apache/commons/cli/C= ommandLine.java#L472]=C2=A0 There is a possibility that `addOption` method is called with null as an a= rgument. In that case we will be adding null values to our list of processe= d options (as `List` does not thrown any null pointer exception even if `ad= d` method is called with null values). So as to prevent this we need to mak= e sure that value that we are adding to list of processed option is not nul= l. I have created a pull request for addressing these issues,=C2=A0[see|https:= //github.com/apache/commons-cli/pull/24] -- This message was sent by Atlassian JIRA (v7.6.3#76005)