![]() |
|
|
|
|
Issue Type:
|
![Bug]() Bug
|
|
Assignee:
|
Logback dev list
|
|
Created:
|
01/Jan/13 10:05 PM
|
|
Description:
|
Static code analysis reveals that
ch.qos.logback.classic.db.DBAppender.bindLoggingEventWithInsertStatement:
-------------
void bindLoggingEventArgumentsWithPreparedStatement(PreparedStatement stmt,
Object[] argArray) throws SQLException {
int arrayLen = argArray != null ? argArray.length : 0;
for(int i = 0; i < arrayLen && i < 4; i++) {
stmt.setString(ARG0_INDEX+i, asStringTruncatedTo254(argArray[i]));
}
if(arrayLen < 4) {
for(int i = arrayLen; i < 4; i++) {
stmt.setString(ARG0_INDEX+i, null);
}
}
}
-------------
has a potential null pointer access in:
for(int i = 0; i < arrayLen && i < 4; i++) {
stmt.setString(ARG0_INDEX+i, asStringTruncatedTo254(argArray[i]));
}
Indeed, argArray may be null at that location, but that's not a problem because in that case arrayLen has been set to 0.
But then, do the ARG0_INDEX+i have appropriate values in
----------
if(arrayLen < 4) {
for(int i = arrayLen; i < 4; i++) {
stmt.setString(ARG0_INDEX+i, null);
}
}
----------
|
|
Project:
|
logback
|
|
Priority:
|
![Major]() Major
|
|
Reporter:
|
David Tonhofer
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
_______________________________________________
logback-dev mailing list
[email protected]
http://mailman.qos.ch/mailman/listinfo/logback-dev
