zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "lujie (JIRA)" <j...@apache.org>
Subject [jira] [Created] (ZOOKEEPER-3007) Potential NPE in ReferenceCountedACLCache#deserialize
Date Mon, 26 Mar 2018 07:31:00 GMT
lujie created ZOOKEEPER-3007:
--------------------------------

             Summary: Potential NPE in ReferenceCountedACLCache#deserialize 
                 Key: ZOOKEEPER-3007
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3007
             Project: ZooKeeper
          Issue Type: Bug
    Affects Versions: 3.6.0
            Reporter: lujie


After[ZK-3006|https://issues.apache.org/jira/browse/ZOOKEEPER-3006], I develop a very simple
static analysis tool to find other other Potential NPE like ZK-3306, this bug is found by
this tool and  carefully studied by myself, hopefully to be confirmed.
h3. Bug describtion:

callee BinaryInputArchive#startVector will return null:

 
{code:java}
// code placeholder
public Index startVector(String tag) throws IOException {
    int len = readInt(tag);
     if (len == -1) {
     return null;
}
{code}
and caller ReferenceCountedACLCache#deserialize 

 

 
{code:java}
// code placeholder
Index j = ia.startVector("acls");
while (!j.done()) {
  ACL acl = new ACL();
  acl.deserialize(ia, "acl");
}{code}
all the other 14 caller of BinaryInputArchive#startVector performs null checker like:

 
{code:java}
// code placeholder
Index vidx1 = a_.startVector("acl");
  if (vidx1!= null)
     for (; !vidx1.done(); vidx1.incr()){
     .....
    }
   }
}
{code}
so i think we also add null check in caller ReferenceCountedACLCache#deserialize 

 

 

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message