lujie created ZOOKEEPER-3007: -------------------------------- Summary: Potential NPE in ReferenceCountedACLCache#deserialize Key: ZOOKEEPER-3007 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3007 Project: ZooKeeper Issue Type: Bug Affects Versions: 3.6.0 Reporter: lujie
After[ZK-3006|https://issues.apache.org/jira/browse/ZOOKEEPER-3006], I develop a very simple static analysis tool to find other other Potential NPE like ZK-3306, this bug is found by this tool and carefully studied by myself, hopefully to be confirmed. h3. Bug describtion: callee BinaryInputArchive#startVector will return null: {code:java} // code placeholder public Index startVector(String tag) throws IOException { int len = readInt(tag); if (len == -1) { return null; } {code} and caller ReferenceCountedACLCache#deserialize {code:java} // code placeholder Index j = ia.startVector("acls"); while (!j.done()) { ACL acl = new ACL(); acl.deserialize(ia, "acl"); }{code} all the other 14 caller of BinaryInputArchive#startVector performs null checker like: {code:java} // code placeholder Index vidx1 = a_.startVector("acl"); if (vidx1!= null) for (; !vidx1.done(); vidx1.incr()){ ..... } } } {code} so i think we also add null check in caller ReferenceCountedACLCache#deserialize -- This message was sent by Atlassian JIRA (v7.6.3#76005)