[jira] [Commented] (CLOUDSTACK-10356) Fix Some Potential NPE

ASF GitHub Bot (JIRA) Wed, 18 Apr 2018 04:23:06 -0700

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10356?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16442341#comment-16442341
 ]


ASF GitHub Bot commented on CLOUDSTACK-10356:
---------------------------------------------

brettKK opened a new pull request #2573: [CLOUDSTACK-10356] Fix NPE in 
Cloudstack found with NPEDetector 
URL: https://github.com/apache/cloudstack/pull/2573
 
 
   @lujiefsi found a potential NPE in Cloudstack
   ---
   We have developed a static analysis tool NPEDetector to find some potential 
NPE. Our analysis shows that some callees may return null in corner case(e.g. 
node crash , IO exception), some of their callers have  !=null check but some 
do not have. In this issue we post a patch which can add  !=null  based on 
existed !=null  check. For example:
   
   Callee GlobalLoadBalancingRulesServiceImpl#lookupGslbServiceProvider:
   ```
   protected GslbServiceProvider lookupGslbServiceProvider() {
       return _gslbProviders.size() == 0 ? null : _gslbProviders.get(0);// may 
return null;
   }
   ```
   
   Caller GlobalLoadBalancingRulesServiceImpl#checkGslbServiceEnabledInZone 
have !=null:
   ```
   private boolean checkGslbServiceEnabledInZone(long zoneId, long 
physicalNetworkId) {
   
      GslbServiceProvider gslbProvider = lookupGslbServiceProvider();
      if (gslbProvider == null) {
         throw new CloudRuntimeException("No GSLB provider is available");
      }
   
      return gslbProvider.isServiceEnabledInZone(zoneId, physicalNetworkId);
   }
   ```
   
   but another 
GlobalLoadBalancingRulesServiceImpl#applyGlobalLoadBalancerRuleConfig does not 
have !=null check:
   ```
   GslbServiceProvider gslbProvider = lookupGslbServiceProvider();
   
siteLb.setGslbProviderPublicIp(gslbProvider.getZoneGslbProviderPublicIp(dataCenterId,physicalNetworkId));
   .........
   ```
   
   So we will add below code in non-(!=null) caller 
GlobalLoadBalancingRulesServiceImpl#applyGlobalLoadBalancerRuleConfig
   ```
   if (gslbProvider == null) {
       throw new CloudRuntimeException("No GSLB provider is available");
   }
   ```
   
   But due to we are not very  familiar with CLOUDSTACK, hope some expert can 
review it.
   
   Thanks.
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Fix Some Potential NPE 
> -----------------------
>
>                 Key: CLOUDSTACK-10356
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10356
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>    Affects Versions: 4.12.0.0
>            Reporter: lujie
>            Priority: Major
>         Attachments: CLOUDSTACK-10356_1.patch
>
>
> We have developed a static analysis tool 
> [NPEDetector|https://github.com/lujiefsi/NPEDetector] to find some potential 
> NPE. Our analysis shows that some callees may return null in corner case(e.g. 
> node crash , IO exception), some of their callers have  _!=null_ check but 
> some do not have. In this issue we post a patch which can add  !=null  based 
> on existed !=null  check. For example:
> Callee GlobalLoadBalancingRulesServiceImpl#lookupGslbServiceProvider:
> {code:java}
> protected GslbServiceProvider lookupGslbServiceProvider() {
>     return _gslbProviders.size() == 0 ? null : _gslbProviders.get(0);// may 
> return null;
> }
> {code}
> Caller GlobalLoadBalancingRulesServiceImpl#checkGslbServiceEnabledInZone have 
> _!=null_:
> {code:java}
> private boolean checkGslbServiceEnabledInZone(long zoneId, long 
> physicalNetworkId) {
>    GslbServiceProvider gslbProvider = lookupGslbServiceProvider();
>    if (gslbProvider == null) {
>       throw new CloudRuntimeException("No GSLB provider is available");
>    }
>    return gslbProvider.isServiceEnabledInZone(zoneId, physicalNetworkId);
> }
> {code}
> but another 
> GlobalLoadBalancingRulesServiceImpl#applyGlobalLoadBalancerRuleConfig does 
> not have !=null check:
> {code:java}
> GslbServiceProvider gslbProvider = lookupGslbServiceProvider();
> siteLb.setGslbProviderPublicIp(gslbProvider.getZoneGslbProviderPublicIp(dataCenterId,physicalNetworkId));
> .........{code}
> So we will add below code in non-(!=null) caller 
> GlobalLoadBalancingRulesServiceImpl#applyGlobalLoadBalancerRuleConfig
> {code:java}
> if (gslbProvider == null) {
>     throw new CloudRuntimeException("No GSLB provider is available");
> }
> {code}
> But due to we are not very  familiar with CLOUDSTACK, hope some expert can 
> review it.
> Thanks!!!!



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10356) Fix Some Potential NPE

Reply via email to