You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Eduardo Aguinaga (JIRA)" <ji...@apache.org> on 2016/08/25 17:05:20 UTC

[jira] [Created] (CASSANDRA-12538) Null Dereference

Eduardo Aguinaga created CASSANDRA-12538:
--------------------------------------------

             Summary: Null Dereference
                 Key: CASSANDRA-12538
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-12538
             Project: Cassandra
          Issue Type: Sub-task
            Reporter: Eduardo Aguinaga


Overview:
In May through June of 2016 a static analysis was performed on version 3.0.5 of the Cassandra source code. The analysis included an automated analysis using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The results of that analysis includes the issue below.

Issue:
In the file BatchStatement.java on line 449 the object casRequest may be null and a null dereference exception could be generated. casRequest is initialized to null on linw 412 and if the for loop beginning on line 415 is skipped the null dereference will occur.

{code:java}
BatchStatement.java, lines 412-450:
412 CQL3CasRequest casRequest = null;
413 Set<ColumnDefinition> columnsWithConditions = new LinkedHashSet<>();
414 
415 for (int i = 0; i < statements.size(); i++)
416 {
417     ModificationStatement statement = statements.get(i);
418     QueryOptions statementOptions = options.forStatement(i);
419     long timestamp = attrs.getTimestamp(now, statementOptions);
420     List<ByteBuffer> pks = statement.buildPartitionKeyNames(statementOptions);
421     if (pks.size() > 1)
422         throw new IllegalArgumentException("Batch with conditions cannot span multiple partitions (you cannot use IN on the partition key)");
423     if (key == null)
424     {
425         key = statement.cfm.decorateKey(pks.get(0));
426         casRequest = new CQL3CasRequest(statement.cfm, key, true, conditionColumns, updatesRegularRows, updatesStaticRow);
427     }
428     else if (!key.getKey().equals(pks.get(0)))
429     {
430         throw new InvalidRequestException("Batch with conditions cannot span multiple partitions");
431     }
432 
...
448     }
449     casRequest.addRowUpdate(clustering, statement, statementOptions, timestamp);
450 }
{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)