[
https://issues.apache.org/jira/browse/ZOOKEEPER-3007?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
lujie updated ZOOKEEPER-3007:
-----------------------------
Description:
After [ZK-3006|https://issues.apache.org/jira/browse/ZOOKEEPER-3006] , I
develop a very simple static analysis tool to find other other Potential NPE
like ZK-3006, this bug is found by this tool and carefully studied by myself,
hopefully to be confirmed.
h3. Bug describtion:
callee BinaryInputArchive#startVector will return null:
{code:java}
// code placeholder
public Index startVector(String tag) throws IOException {
int len = readInt(tag);
if (len == -1) {
return null;
}
{code}
and caller ReferenceCountedACLCache#deserialize
{code:java}
// code placeholder
Index j = ia.startVector("acls");
while (!j.done()) {
ACL acl = new ACL();
acl.deserialize(ia, "acl");
}{code}
all the other 14 caller of BinaryInputArchive#startVector performs null checker
like:
{code:java}
// code placeholder
Index vidx1 = a_.startVector("acl");
if (vidx1!= null)
for (; !vidx1.done(); vidx1.incr()){
.....
}
}
}
{code}
so i think we also add null check in caller
ReferenceCountedACLCache#deserialize
was:
AfterZK-3006, I develop a very simple static analysis tool to find other other
Potential NPE like ZK-3006, this bug is found by this tool and carefully
studied by myself, hopefully to be confirmed.
h3. Bug describtion:
callee BinaryInputArchive#startVector will return null:
{code:java}
// code placeholder
public Index startVector(String tag) throws IOException {
int len = readInt(tag);
if (len == -1) {
return null;
}
{code}
and caller ReferenceCountedACLCache#deserialize
{code:java}
// code placeholder
Index j = ia.startVector("acls");
while (!j.done()) {
ACL acl = new ACL();
acl.deserialize(ia, "acl");
}{code}
all the other 14 caller of BinaryInputArchive#startVector performs null checker
like:
{code:java}
// code placeholder
Index vidx1 = a_.startVector("acl");
if (vidx1!= null)
for (; !vidx1.done(); vidx1.incr()){
.....
}
}
}
{code}
so i think we also add null check in caller
ReferenceCountedACLCache#deserialize
> Potential NPE in ReferenceCountedACLCache#deserialize
> ------------------------------------------------------
>
> Key: ZOOKEEPER-3007
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3007
> Project: ZooKeeper
> Issue Type: Bug
> Affects Versions: 3.6.0
> Reporter: lujie
> Priority: Major
>
> After [ZK-3006|https://issues.apache.org/jira/browse/ZOOKEEPER-3006] , I
> develop a very simple static analysis tool to find other other Potential NPE
> like ZK-3006, this bug is found by this tool and carefully studied by
> myself, hopefully to be confirmed.
> h3. Bug describtion:
> callee BinaryInputArchive#startVector will return null:
> {code:java}
> // code placeholder
> public Index startVector(String tag) throws IOException {
> int len = readInt(tag);
> if (len == -1) {
> return null;
> }
> {code}
> and caller ReferenceCountedACLCache#deserialize
> {code:java}
> // code placeholder
> Index j = ia.startVector("acls");
> while (!j.done()) {
> ACL acl = new ACL();
> acl.deserialize(ia, "acl");
> }{code}
> all the other 14 caller of BinaryInputArchive#startVector performs null
> checker like:
> {code:java}
> // code placeholder
> Index vidx1 = a_.startVector("acl");
> if (vidx1!= null)
> for (; !vidx1.done(); vidx1.incr()){
> .....
> }
> }
> }
> {code}
> so i think we also add null check in caller
> ReferenceCountedACLCache#deserialize
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
