zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "lujie (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (ZOOKEEPER-3007) Potential NPE in ReferenceCountedACLCache#deserialize
Date Mon, 26 Mar 2018 08:20:00 GMT

     [ https://issues.apache.org/jira/browse/ZOOKEEPER-3007?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

lujie updated ZOOKEEPER-3007:
-----------------------------
    Description: 
After ZK-3006 , I develop a very simple static analysis tool to find other Potential NPE
like ZK-3006, this bug is found by this tool ;Although i carefully studied it, but due to
i am a newbie here, hopefully someone can confirm it and help me improve this tool.
h3. Bug describtion:

callee BinaryInputArchive#startVector will return null:
{code:java}
// code placeholder
public Index startVector(String tag) throws IOException {
    int len = readInt(tag);
     if (len == -1) {
     return null;
}
{code}
and caller ReferenceCountedACLCache#deserialize  call it without null check
{code:java}
// code placeholder
Index j = ia.startVector("acls");
while (!j.done()) {
  ACL acl = new ACL();
  acl.deserialize(ia, "acl");
}{code}
all the other 14 caller of BinaryInputArchive#startVector performs null checker like:
{code:java}
// code placeholder
Index vidx1 = a_.startVector("acl");
  if (vidx1!= null)
     for (; !vidx1.done(); vidx1.incr()){
     .....
    }
   }
}
{code}
so i think we also need add null check in caller ReferenceCountedACLCache#deserialize  just
like other 14 caller

 

  was:
After ZK-3006 , I develop a very simple static analysis tool to find other Potential NPE
like ZK-3006, this bug is found by this tool ;Although i carefully studied it, but due to
i am a newbie here, hopefully someone can confirm it.
h3. Bug describtion:

callee BinaryInputArchive#startVector will return null:
{code:java}
// code placeholder
public Index startVector(String tag) throws IOException {
    int len = readInt(tag);
     if (len == -1) {
     return null;
}
{code}
and caller ReferenceCountedACLCache#deserialize  call it without null check
{code:java}
// code placeholder
Index j = ia.startVector("acls");
while (!j.done()) {
  ACL acl = new ACL();
  acl.deserialize(ia, "acl");
}{code}
all the other 14 caller of BinaryInputArchive#startVector performs null checker like:
{code:java}
// code placeholder
Index vidx1 = a_.startVector("acl");
  if (vidx1!= null)
     for (; !vidx1.done(); vidx1.incr()){
     .....
    }
   }
}
{code}
so i think we also need add null check in caller ReferenceCountedACLCache#deserialize  just
like other 14 caller

 


> Potential NPE in ReferenceCountedACLCache#deserialize 
> ------------------------------------------------------
>
>                 Key: ZOOKEEPER-3007
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3007
>             Project: ZooKeeper
>          Issue Type: Bug
>    Affects Versions: 3.6.0
>            Reporter: lujie
>            Priority: Major
>
> After ZK-3006 , I develop a very simple static analysis tool to find other Potential
NPE like ZK-3006, this bug is found by this tool ;Although i carefully studied it, but due
to i am a newbie here, hopefully someone can confirm it and help me improve this tool.
> h3. Bug describtion:
> callee BinaryInputArchive#startVector will return null:
> {code:java}
> // code placeholder
> public Index startVector(String tag) throws IOException {
>     int len = readInt(tag);
>      if (len == -1) {
>      return null;
> }
> {code}
> and caller ReferenceCountedACLCache#deserialize  call it without null check
> {code:java}
> // code placeholder
> Index j = ia.startVector("acls");
> while (!j.done()) {
>   ACL acl = new ACL();
>   acl.deserialize(ia, "acl");
> }{code}
> all the other 14 caller of BinaryInputArchive#startVector performs null checker like:
> {code:java}
> // code placeholder
> Index vidx1 = a_.startVector("acl");
>   if (vidx1!= null)
>      for (; !vidx1.done(); vidx1.incr()){
>      .....
>     }
>    }
> }
> {code}
> so i think we also need add null check in caller ReferenceCountedACLCache#deserialize 
just like other 14 caller
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message