[jira] [Commented] (ATLAS-4652) Missing null check leading to NPE in isSoftReferenced method in AtlasStructDef

Thu, 06 Oct 2022 01:22:07 -0700 


    [ 
https://issues.apache.org/jira/browse/ATLAS-4652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17613363#comment-17613363
 ] 

ASF subversion and git services commented on ATLAS-4652:
--------------------------------------------------------

Commit 43daa256dd04a2e9167de6749f34e262b8216de3 in atlas's branch 
refs/heads/master from Madhan Neethiraj
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=43daa256d ]

ATLAS-4652: fix to address potential NPE in AtlasAttributeDef.isSoftReferenced()


> Missing null check leading to NPE in isSoftReferenced method in 
> AtlasStructDef 
> -------------------------------------------------------------------------------
>
>                 Key: ATLAS-4652
>                 URL: https://issues.apache.org/jira/browse/ATLAS-4652
>             Project: Atlas
>          Issue Type: Bug
>          Components:  atlas-core
>    Affects Versions: 2.2.0
>            Reporter: Srikanth Venkat
>            Assignee: Madhan Neethiraj
>            Priority: Critical
>             Fix For: 3.0.0, 2.3.0
>
>         Attachments: ATLAS-4652.patch
>
>
> The code inside isSoftReferenced method in AtlasStructDef class below:
>    *{{}}*     {{@JsonIgnore}}
> {{        public boolean isSoftReferenced() {}}
> {{            return this.options != null && }}{{          
> getOptions().containsKey(AtlasAttributeDef.ATTRDEF_OPTION_SOFT_REFERENCE) &&}}
> {{                    
> getOptions().get(AtlasAttributeDef.ATTRDEF_OPTION_SOFT_REFERENCE){color:#de350b}.equals(STRING_TRUE){color};}}
> {{        }}}
>  
> Since the null check is not performed, it can lead to NPE in typedef 
> resolution.
>  
> A sample typedef payload like the following can potentially trigger the NPE 
> error in attribute resolution, i.e. 
> EntityGraphRetriever.mapVertexToAttribute, where 
> attribute.getAttributeDef().isSoftReferenced() is called
> {
>   "businessMetadataDefs": [
>     {
>       "category": "BUSINESS_METADATA",
>       "name": "bizType1",
>       "description": "test",
>       "attributeDefs": [
>         {
>           "name": "bizAttr1",
>           "typeName": "string",
>           "isOptional": true,
>           "cardinality": "SINGLE",         
>           "options": {         
>             *"isSoftReference": null,*   
>             "maxStrLength": "50",
>             "applicableEntityTypes": "[\"Asset\"]"
>           }         
>         }
>       ]
>     }
>   ]
> }
>  
> It would be furthermore helpful to run SonarCube or FindBugs to determine any 
> other incidences where this pattern of missing null check exists in Atlas 
> codebase and address them. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to