You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "lujie (JIRA)" <ji...@apache.org> on 2018/03/26 07:31:00 UTC
[jira] [Created] (ZOOKEEPER-3007) Potential NPE in
ReferenceCountedACLCache#deserialize
lujie created ZOOKEEPER-3007:
--------------------------------
Summary: Potential NPE in ReferenceCountedACLCache#deserialize
Key: ZOOKEEPER-3007
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3007
Project: ZooKeeper
Issue Type: Bug
Affects Versions: 3.6.0
Reporter: lujie
After[ZK-3006|https://issues.apache.org/jira/browse/ZOOKEEPER-3006], I develop a very simple static analysis tool to find other other Potential NPE like ZK-3306, this bug is found by this tool and carefully studied by myself, hopefully to be confirmed.
h3. Bug describtion:
callee BinaryInputArchive#startVector will return null:
{code:java}
// code placeholder
public Index startVector(String tag) throws IOException {
int len = readInt(tag);
if (len == -1) {
return null;
}
{code}
and caller ReferenceCountedACLCache#deserialize
{code:java}
// code placeholder
Index j = ia.startVector("acls");
while (!j.done()) {
ACL acl = new ACL();
acl.deserialize(ia, "acl");
}{code}
all the other 14 caller of BinaryInputArchive#startVector performs null checker like:
{code:java}
// code placeholder
Index vidx1 = a_.startVector("acl");
if (vidx1!= null)
for (; !vidx1.done(); vidx1.incr()){
.....
}
}
}
{code}
so i think we also add null check in caller ReferenceCountedACLCache#deserialize
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)