You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zookeeper.apache.org by "Andor Molnar (JIRA)" <ji...@apache.org> on 2018/03/26 13:55:00 UTC

[jira] [Commented] (ZOOKEEPER-3009) Potential NPE: class NIOServerCnxn has two method can return null

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-3009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16413879#comment-16413879 ] 

Andor Molnar commented on ZOOKEEPER-3009:
-----------------------------------------

Hi [~xiaoheipangzi]

Thanks for the nice contribution, I really appreciate your enthusiasm to develop such a handy tool.

However, have you checked if it would be possible to similar check with our existing static analysis tool, findbugs?

In addition to that, there's an ongoing effort in [https://github.com/apache/zookeeper/pull/490] to integrate Google's error prone compiler for very similar purposes. I'm not sure if you've seen that, but I think it worth to consider bringing these existing tools up to speed before implementing something new from scratch.

> Potential NPE: class NIOServerCnxn has two method can return null
> -----------------------------------------------------------------
>
>                 Key: ZOOKEEPER-3009
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3009
>             Project: ZooKeeper
>          Issue Type: Bug
>            Reporter: lujie
>            Priority: Major
>
> Inspired by ZK-3006 , I develop a simple static analysis tool to find other Potential NPE like ZK-3006. This bug is found by this tool ,and I have carefully studied it.  But i am a newbie at here so i may be wrong, hope someone could confirm it and help me improve this tool.
> h2. Bug description:
>  class NIOServerCnxn has three method :getSocketAddress,getRemoteSocketAddress can return null just like :
> {code:java}
> // code placeholder
> if (sock.isOpen() == false) {
>   return null;
> }
> {code}
> some of their caller give null checker, some(total 3 list in below) are not. 
> {code:java}
> // ServerCnxn#getConnectionInfo
> Map<String, Object> info = new LinkedHashMap<String, Object>();
> info.put("remote_socket_address", getRemoteSocketAddress());// Map.put will throw NPE if parameter is null
> //IPAuthenticationProvider#handleAuthentication
> tring id = cnxn.getRemoteSocketAddress().getAddress().getHostAddress();
> cnxn.addAuthInfo(new Id(getScheme(), id));// finally call Set.add(it will throw NPE if parameter is null )
> //NIOServerCnxnFactory#addCnxn
> InetAddress addr = cnxn.getSocketAddress();
> Set<NIOServerCnxn> set = ipMap.get(addr);// Map.get will throw NPE if parameter is null{code}
> I think we should add null check in above three caller .
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)