[jira] [Created] (GORA-526) Potential null dereference in AvroSerializer#analyzePersistent

Ted Yu (JIRA) Sat, 09 Sep 2017 11:38:03 -0700

Ted Yu created GORA-526:
---------------------------

             Summary: Potential null dereference in 
AvroSerializer#analyzePersistent
                 Key: GORA-526
                 URL: https://issues.apache.org/jira/browse/GORA-526
             Project: Apache Gora
          Issue Type: Bug
            Reporter: Ted Yu
            Priority: Minor



In ctor:
{code}
    if (PersistentBase.class.isAssignableFrom(dataStore.getPersistentClass())) {
      persistentSchema = ((PersistentBase) 
dataStore.getBeanFactory().getCachedPersistent()).getSchema();
    } else {
      persistentSchema = null;
{code}
In updateByQuery, persistentSchema is passed to 
CassandraQueryFactory.getUpdateByQueryForAvro() which dereferences the schema 
without checking:
{code}
  public boolean updateByQuery(Query query) {
    List<Object> objectArrayList = new ArrayList<>();
    String cqlQuery = CassandraQueryFactory.getUpdateByQueryForAvro(mapping, 
query, objectArrayList, persistentSchema);
{code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (GORA-526) Potential null dereference in AvroSerializer#analyzePersistent

Reply via email to