[ https://issues.apache.org/jira/browse/ZOOKEEPER-3008?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16498780#comment-16498780 ]
Hadoop QA commented on ZOOKEEPER-3008: -------------------------------------- -1 overall. GitHub Pull Request Build +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 2 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs (version 3.0.1) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. -1 core tests. The patch failed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/1774//testReport/ Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/1774//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/1774//console This message is automatically generated. > Potential NPE in SaslQuorumAuthLearner#authenticate and > SaslQuorumAuthServer#authenticate > ----------------------------------------------------------------------------------------- > > Key: ZOOKEEPER-3008 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3008 > Project: ZooKeeper > Issue Type: Bug > Affects Versions: 3.6.0 > Reporter: lujie > Priority: Major > Labels: pull-request-available > Time Spent: 0.5h > Remaining Estimate: 0h > > Inspired by ZK-3006 , I develop a simple static analysis tool to find other > Potential NPE like ZK-3006. This bug is found by this tool ,and I have > carefully studied it. But i am a newbie at here so i may be wrong, hope > someone could confirm it and help me improve this tool. > h2. Bug description: > callee :SecurityUtils#createSaslClient will return null while encounter > exception > {code:java} > // code placeholder > catch (Exception e) { > LOG.error("Exception while trying to create SASL client", e); > return null; > } > {code} > but its caller has no null check just like: > {code:java} > // code placeholder > sc = SecurityUtils.createSaslClient(); > if (sc.hasInitialResponse()) { > responseToken = createSaslToken(new byte[0], sc, learnerLogin); > } > {code} > I think we should add null check in caller while callee return null -- This message was sent by Atlassian JIRA (v7.6.3#76005)