You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "Andor Molnar (JIRA)" <ji...@apache.org> on 2018/03/26 13:55:00 UTC
[jira] [Commented] (ZOOKEEPER-3009) Potential NPE: class
NIOServerCnxn has two method can return null
[ https://issues.apache.org/jira/browse/ZOOKEEPER-3009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16413879#comment-16413879 ]
Andor Molnar commented on ZOOKEEPER-3009:
-----------------------------------------
Hi [~xiaoheipangzi]
Thanks for the nice contribution, I really appreciate your enthusiasm to develop such a handy tool.
However, have you checked if it would be possible to similar check with our existing static analysis tool, findbugs?
In addition to that, there's an ongoing effort in [https://github.com/apache/zookeeper/pull/490] to integrate Google's error prone compiler for very similar purposes. I'm not sure if you've seen that, but I think it worth to consider bringing these existing tools up to speed before implementing something new from scratch.
> Potential NPE: class NIOServerCnxn has two method can return null
> -----------------------------------------------------------------
>
> Key: ZOOKEEPER-3009
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3009
> Project: ZooKeeper
> Issue Type: Bug
> Reporter: lujie
> Priority: Major
>
> Inspired by ZK-3006 , I develop a simple static analysis tool to find other Potential NPE like ZK-3006. This bug is found by this tool ,and I have carefully studied it. But i am a newbie at here so i may be wrong, hope someone could confirm it and help me improve this tool.
> h2. Bug description:
> class NIOServerCnxn has three method :getSocketAddress,getRemoteSocketAddress can return null just like :
> {code:java}
> // code placeholder
> if (sock.isOpen() == false) {
> return null;
> }
> {code}
> some of their caller give null checker, some(total 3 list in below) are not.
> {code:java}
> // ServerCnxn#getConnectionInfo
> Map<String, Object> info = new LinkedHashMap<String, Object>();
> info.put("remote_socket_address", getRemoteSocketAddress());// Map.put will throw NPE if parameter is null
> //IPAuthenticationProvider#handleAuthentication
> tring id = cnxn.getRemoteSocketAddress().getAddress().getHostAddress();
> cnxn.addAuthInfo(new Id(getScheme(), id));// finally call Set.add(it will throw NPE if parameter is null )
> //NIOServerCnxnFactory#addCnxn
> InetAddress addr = cnxn.getSocketAddress();
> Set<NIOServerCnxn> set = ipMap.get(addr);// Map.get will throw NPE if parameter is null{code}
> I think we should add null check in above three caller .
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)