[jira] [Commented] (ZOOKEEPER-3009) Potential NPE: class NIOServerCnxn has two method can return null

Mon, 26 Mar 2018 08:32:35 -0700 

    [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-3009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16413879#comment-16413879
 ] 

Andor Molnar commented on ZOOKEEPER-3009:
-----------------------------------------

Hi [~xiaoheipangzi]

Thanks for the nice contribution, I really appreciate your enthusiasm to 
develop such a handy tool.

However, have you checked if it would be possible to similar check with our 
existing static analysis tool, findbugs?

In addition to that, there's an ongoing effort in 
[https://github.com/apache/zookeeper/pull/490] to integrate Google's error 
prone compiler for very similar purposes. I'm not sure if you've seen that, but 
I think it worth to consider bringing these existing tools up to speed before 
implementing something new from scratch.

> Potential NPE: class NIOServerCnxn has two method can return null
> -----------------------------------------------------------------
>
>                 Key: ZOOKEEPER-3009
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3009
>             Project: ZooKeeper
>          Issue Type: Bug
>            Reporter: lujie
>            Priority: Major
>
> Inspired by ZK-3006 , I develop a simple static analysis tool to find other 
> Potential NPE like ZK-3006. This bug is found by this tool ,and I have 
> carefully studied it.  But i am a newbie at here so i may be wrong, hope 
> someone could confirm it and help me improve this tool.
> h2. Bug description:
>  class NIOServerCnxn has three method 
> :getSocketAddress,getRemoteSocketAddress can return null just like :
> {code:java}
> // code placeholder
> if (sock.isOpen() == false) {
>   return null;
> }
> {code}
> some of their caller give null checker, some(total 3 list in below) are not. 
> {code:java}
> // ServerCnxn#getConnectionInfo
> Map<String, Object> info = new LinkedHashMap<String, Object>();
> info.put("remote_socket_address", getRemoteSocketAddress());// Map.put will 
> throw NPE if parameter is null
> //IPAuthenticationProvider#handleAuthentication
> tring id = cnxn.getRemoteSocketAddress().getAddress().getHostAddress();
> cnxn.addAuthInfo(new Id(getScheme(), id));// finally call Set.add(it will 
> throw NPE if parameter is null )
> //NIOServerCnxnFactory#addCnxn
> InetAddress addr = cnxn.getSocketAddress();
> Set<NIOServerCnxn> set = ipMap.get(addr);// Map.get will throw NPE if 
> parameter is null{code}
> I think we should add null check in above three caller .
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to