zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "lujie (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-3009) Potential NPE: class NIOServerCnxn has two method can return null
Date Tue, 27 Mar 2018 03:12:00 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-3009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16414949#comment-16414949

lujie commented on ZOOKEEPER-3009:

Hi [~andorm]

Thinks for your pertinent suggestions.

I develop this tool from scratch because: 
 # I apply  findbugs to check this bug ,  but findbugs leave it out(I assume because it
does not perform  interprocedural  analysis in this check).
 # i am not  very familiar with findbugs and  Google's error prone .
 # [WALA|https://github.com/wala/WALA](a famous static analysis tool developed by IBM) is
my sidekicks, I have developed some static analysis tool based on  it , so I choose it again.

I will try my best to check if findbugs own this rule(eg. callee return null but caller does
not check), if not, i will try my best to add this rule.

Anyway, I develop this tool based on my finding of zookeeper-3006 and _[Alibaba Java Coding
Guidelines|https://github.com/alibaba/p3c]_ which clearly indicates that callee can return
null but caller must check it.

On the other hand, massive non-null checker also bother me, just as talk in [Avoiding !=
null statements|[https://stackoverflow.com/questions/271526/avoiding-null-statements/271874#271874]|https://stackoverflow.com/questions/271526/avoiding-null-statements/271874#271874].Now] .
Now i am at the crossroads(+)


> Potential NPE: class NIOServerCnxn has two method can return null
> -----------------------------------------------------------------
>                 Key: ZOOKEEPER-3009
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3009
>             Project: ZooKeeper
>          Issue Type: Bug
>            Reporter: lujie
>            Priority: Major
> Inspired by ZK-3006 , I develop a simple static analysis tool to find other Potential
NPE like ZK-3006. This bug is found by this tool ,and I have carefully studied it.  But i
am a newbie at here so i may be wrong, hope someone could confirm it and help me improve
this tool.
> h2. Bug description:
>  class NIOServerCnxn has three method :getSocketAddress,getRemoteSocketAddress can return
null just like :
> {code:java}
> // code placeholder
> if (sock.isOpen() == false) {
>   return null;
> }
> {code}
> some of their caller give null checker, some(total 3 list in below) are not. 
> {code:java}
> // ServerCnxn#getConnectionInfo
> Map<String, Object> info = new LinkedHashMap<String, Object>();
> info.put("remote_socket_address", getRemoteSocketAddress());// Map.put will throw NPE
if parameter is null
> //IPAuthenticationProvider#handleAuthentication
> tring id = cnxn.getRemoteSocketAddress().getAddress().getHostAddress();
> cnxn.addAuthInfo(new Id(getScheme(), id));// finally call Set.add(it will throw NPE if
parameter is null )
> //NIOServerCnxnFactory#addCnxn
> InetAddress addr = cnxn.getSocketAddress();
> Set<NIOServerCnxn> set = ipMap.get(addr);// Map.get will throw NPE if parameter
is null{code}
> I think we should add null check in above three caller .

This message was sent by Atlassian JIRA

View raw message