[
https://issues.apache.org/jira/browse/ARTEMIS-4663?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Justin Bertram updated ARTEMIS-4663:
------------------------------------
Description:
Return value of a function
[readNullableSimpleString|https://github.com/apache/activemq-artemis/blob/fb1b362b473cad51ae5d05a897be02b1fa8461d4/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTPublishManager.java#L377]
is dereferenced at
[MQTTPublishManager.java:378|https://github.com/apache/activemq-artemis/blob/fb1b362b473cad51ae5d05a897be02b1fa8461d4/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTPublishManager.java#L378]
without checking for null, but it is usually checked for this function.
Since the readNullableSimpleString() function can return a null value, it may
be worth adding a null check before using it on line 378.
The
[publishToClient|https://github.com/apache/activemq-artemis/blob/fb1b362b473cad51ae5d05a897be02b1fa8461d4/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTPublishManager.java#L371]
private function can throw exceptions, but they are not handled anywhere in
the class.
was:
Return value of a function
[readNullableSimpleString|https://github.com/apache/activemq-artemis/blob/fb1b362b473cad51ae5d05a897be02b1fa8461d4/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTPublishManager.java#L377]
is dereferenced at
[MQTTPublishManager.java:378|https://github.com/apache/activemq-artemis/blob/fb1b362b473cad51ae5d05a897be02b1fa8461d4/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTPublishManager.java#L378]
without checking for null, but it is usually checked for this function.
Since the readNullableSimpleString() function can return a null value, it may
be worth adding a null check before using it on line 378.
The
[publishToClient|https://github.com/apache/activemq-artemis/blob/fb1b362b473cad51ae5d05a897be02b1fa8461d4/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTPublishManager.java#L371]
private function can throw exceptions, but they are not handled anywhere in
the class.
Found by Linux Verification Center (portal.linuxtesting.ru) with SVACE.
Author A. Burke.
> Possible dereference of null in MQTTPublishManager
> --------------------------------------------------
>
> Key: ARTEMIS-4663
> URL: https://issues.apache.org/jira/browse/ARTEMIS-4663
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Affects Versions: 2.32.0
> Reporter: Andrey Slepykh
> Priority: Major
> Labels: dereference-of-null
>
> Return value of a function
> [readNullableSimpleString|https://github.com/apache/activemq-artemis/blob/fb1b362b473cad51ae5d05a897be02b1fa8461d4/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTPublishManager.java#L377]
> is dereferenced at
> [MQTTPublishManager.java:378|https://github.com/apache/activemq-artemis/blob/fb1b362b473cad51ae5d05a897be02b1fa8461d4/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTPublishManager.java#L378]
> without checking for null, but it is usually checked for this function.
> Since the readNullableSimpleString() function can return a null value, it may
> be worth adding a null check before using it on line 378.
> The
> [publishToClient|https://github.com/apache/activemq-artemis/blob/fb1b362b473cad51ae5d05a897be02b1fa8461d4/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTPublishManager.java#L371]
> private function can throw exceptions, but they are not handled anywhere in
> the class.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
