[
https://issues.apache.org/jira/browse/ZOOKEEPER-3009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16414949#comment-16414949
]
lujie commented on ZOOKEEPER-3009:
----------------------------------
Hi [~andorm]
Thinks for your pertinent suggestions.
I develop this tool from scratch because:
# I apply findbugs to check this bug , but findbugs leave it out(I assume
because it does not perform interprocedural analysis in this check).
# i am not very familiar with findbugs and Google's error prone .
# [WALA|https://github.com/wala/WALA](a famous static analysis tool developed
by IBM) is my sidekicks, I have developed some static analysis tool based on
it , so I choose it again.
I will try my best to check if findbugs own this rule(eg. callee return null
but caller does not check), if not, i will try my best to add this rule.
Anyway, I develop this tool based on my finding of zookeeper-3006 and _[Alibaba
Java Coding Guidelines|https://github.com/alibaba/p3c]_ which clearly indicates
that callee can return null but caller must check it.
On the other hand, massive non-null checker also bother me, just as talk in
[Avoiding != null
statements|[https://stackoverflow.com/questions/271526/avoiding-null-statements/271874#271874]|https://stackoverflow.com/questions/271526/avoiding-null-statements/271874#271874].Now]
. Now i am at the crossroads(+)
> Potential NPE: class NIOServerCnxn has two method can return null
> -----------------------------------------------------------------
>
> Key: ZOOKEEPER-3009
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3009
> Project: ZooKeeper
> Issue Type: Bug
> Reporter: lujie
> Priority: Major
>
> Inspired by ZK-3006 , I develop a simple static analysis tool to find other
> Potential NPE like ZK-3006. This bug is found by this tool ,and I have
> carefully studied it. But i am a newbie at here so i may be wrong, hope
> someone could confirm it and help me improve this tool.
> h2. Bug description:
> class NIOServerCnxn has three method
> :getSocketAddress,getRemoteSocketAddress can return null just like :
> {code:java}
> // code placeholder
> if (sock.isOpen() == false) {
> return null;
> }
> {code}
> some of their caller give null checker, some(total 3 list in below) are not.
> {code:java}
> // ServerCnxn#getConnectionInfo
> Map<String, Object> info = new LinkedHashMap<String, Object>();
> info.put("remote_socket_address", getRemoteSocketAddress());// Map.put will
> throw NPE if parameter is null
> //IPAuthenticationProvider#handleAuthentication
> tring id = cnxn.getRemoteSocketAddress().getAddress().getHostAddress();
> cnxn.addAuthInfo(new Id(getScheme(), id));// finally call Set.add(it will
> throw NPE if parameter is null )
> //NIOServerCnxnFactory#addCnxn
> InetAddress addr = cnxn.getSocketAddress();
> Set<NIOServerCnxn> set = ipMap.get(addr);// Map.get will throw NPE if
> parameter is null{code}
> I think we should add null check in above three caller .
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
