[
https://issues.apache.org/jira/browse/ZOOKEEPER-3008?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16498835#comment-16498835
]
Hadoop QA commented on ZOOKEEPER-3008:
--------------------------------------
-1 overall. GitHub Pull Request Build
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 2 new or modified tests.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac
compiler warnings.
+1 findbugs. The patch does not introduce any new Findbugs (version 3.0.1)
warnings.
+1 release audit. The applied patch does not increase the total number of
release audit warnings.
-1 core tests. The patch failed core unit tests.
+1 contrib tests. The patch passed contrib unit tests.
Test results:
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/1783//testReport/
Findbugs warnings:
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/1783//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output:
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/1783//console
This message is automatically generated.
> Potential NPE in SaslQuorumAuthLearner#authenticate and
> SaslQuorumAuthServer#authenticate
> -----------------------------------------------------------------------------------------
>
> Key: ZOOKEEPER-3008
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3008
> Project: ZooKeeper
> Issue Type: Bug
> Affects Versions: 3.6.0
> Reporter: lujie
> Priority: Major
> Labels: pull-request-available
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> Inspired by ZK-3006 , I develop a simple static analysis tool to find other
> Potential NPE like ZK-3006. This bug is found by this tool ,and I have
> carefully studied it. But i am a newbie at here so i may be wrong, hope
> someone could confirm it and help me improve this tool.
> h2. Bug description:
> callee :SecurityUtils#createSaslClient will return null while encounter
> exception
> {code:java}
> // code placeholder
> catch (Exception e) {
> LOG.error("Exception while trying to create SASL client", e);
> return null;
> }
> {code}
> but its caller has no null check just like:
> {code:java}
> // code placeholder
> sc = SecurityUtils.createSaslClient();
> if (sc.hasInitialResponse()) {
> responseToken = createSaslToken(new byte[0], sc, learnerLogin);
> }
> {code}
> I think we should add null check in caller while callee return null
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
