[ https://issues.apache.org/jira/browse/ZOOKEEPER-3009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
lujie updated ZOOKEEPER-3009: ----------------------------- Description: After ZK-3006 , I develop a very simple static analysis tool to find other Potential NPE like ZK-3006, this bug is found by this tool ;Although i carefully studied it, but due to i am a newbie here, hopefully someone can confirm it and help me improve this tool. h2. Bug description: class NIOServerCnxn has three method :getSocketAddress,getRemoteSocketAddress can return null just like : {code:java} // code placeholder if (sock.isOpen() == false) { return null; } {code} some of their caller give null checker, some(total 3 list in below) are not. {code:java} // ServerCnxn#getConnectionInfo Map<String, Object> info = new LinkedHashMap<String, Object>(); info.put("remote_socket_address", getRemoteSocketAddress());// Map.put will throw NPE if parameter is null //IPAuthenticationProvider#handleAuthentication tring id = cnxn.getRemoteSocketAddress().getAddress().getHostAddress(); cnxn.addAuthInfo(new Id(getScheme(), id));// finally call Set.add(it will throw NPE if parameter is null ) //NIOServerCnxnFactory#addCnxn InetAddress addr = cnxn.getSocketAddress(); Set<NIOServerCnxn> set = ipMap.get(addr);// Map.get will throw NPE if parameter is null{code} I think we should add null check in above three caller . was: After ZK-3006 , I develop a very simple static analysis tool to find other Potential NPE like ZK-3006, this bug is found by this tool ;Although i carefully studied it, but due to i am a newbie here, hopefully someone can confirm it. h2. Bug description: class NIOServerCnxn has three method :getSocketAddress,getRemoteSocketAddress can return null just like : {code:java} // code placeholder if (sock.isOpen() == false) { return null; } {code} some of their caller give null checker, some(total 3 list in below) are not. {code:java} // ServerCnxn#getConnectionInfo Map<String, Object> info = new LinkedHashMap<String, Object>(); info.put("remote_socket_address", getRemoteSocketAddress());// Map.put will throw NPE if parameter is null //IPAuthenticationProvider#handleAuthentication tring id = cnxn.getRemoteSocketAddress().getAddress().getHostAddress(); cnxn.addAuthInfo(new Id(getScheme(), id));// finally call Set.add(it will throw NPE if parameter is null ) //NIOServerCnxnFactory#addCnxn InetAddress addr = cnxn.getSocketAddress(); Set<NIOServerCnxn> set = ipMap.get(addr);// Map.get will throw NPE if parameter is null{code} I think we should add null check in above three caller . > Potential NPE: class NIOServerCnxn has two method can return null > ----------------------------------------------------------------- > > Key: ZOOKEEPER-3009 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3009 > Project: ZooKeeper > Issue Type: Bug > Reporter: lujie > Priority: Major > > After ZK-3006 , I develop a very simple static analysis tool to find other > Potential NPE like ZK-3006, this bug is found by this tool ;Although i > carefully studied it, but due to i am a newbie here, hopefully someone can > confirm it and help me improve this tool. > h2. Bug description: > class NIOServerCnxn has three method > :getSocketAddress,getRemoteSocketAddress can return null just like : > {code:java} > // code placeholder > if (sock.isOpen() == false) { > return null; > } > {code} > some of their caller give null checker, some(total 3 list in below) are not. > {code:java} > // ServerCnxn#getConnectionInfo > Map<String, Object> info = new LinkedHashMap<String, Object>(); > info.put("remote_socket_address", getRemoteSocketAddress());// Map.put will > throw NPE if parameter is null > //IPAuthenticationProvider#handleAuthentication > tring id = cnxn.getRemoteSocketAddress().getAddress().getHostAddress(); > cnxn.addAuthInfo(new Id(getScheme(), id));// finally call Set.add(it will > throw NPE if parameter is null ) > //NIOServerCnxnFactory#addCnxn > InetAddress addr = cnxn.getSocketAddress(); > Set<NIOServerCnxn> set = ipMap.get(addr);// Map.get will throw NPE if > parameter is null{code} > I think we should add null check in above three caller . > -- This message was sent by Atlassian JIRA (v7.6.3#76005)