Details
- Sub-task
- Status: Resolved
- Normal
- Resolution: Invalid
Description
Overview:
In May through June of 2016 a static analysis was performed on version 3.0.5 of the Cassandra source code. The analysis included an automated analysis using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The results of that analysis include the issue below.
Issue:
In the file BatchStatement.java on line 449 the object casRequest may be null and a null dereference exception could be generated. casRequest is initialized to null on line 412 and if the for loop beginning on line 415 is skipped the null dereference will occur.
BatchStatement.java, lines 412-450:

    412 CQL3CasRequest casRequest = null;
    413 Set<ColumnDefinition> columnsWithConditions = new LinkedHashSet<>();
    414
    415 for (int i = 0; i < statements.size(); i++)
    416 {
    417     ModificationStatement statement = statements.get(i);
    418     QueryOptions statementOptions = options.forStatement(i);
    419     long timestamp = attrs.getTimestamp(now, statementOptions);
    420     List<ByteBuffer> pks = statement.buildPartitionKeyNames(statementOptions);
    421     if (pks.size() > 1)
    422         throw new IllegalArgumentException("Batch with conditions cannot span multiple partitions (you cannot use IN on the partition key)");
    423     if (key == null)
    424     {
    425         key = statement.cfm.decorateKey(pks.get(0));
    426         casRequest = new CQL3CasRequest(statement.cfm, key, true, conditionColumns, updatesRegularRows, updatesStaticRow);
    427     }
    428     else if (!key.getKey().equals(pks.get(0)))
    429     {
    430         throw new InvalidRequestException("Batch with conditions cannot span multiple partitions");
    431     }
    432     ...
    448     }
    449     casRequest.addRowUpdate(clustering, statement, statementOptions, timestamp);
    450 }
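A reduced model of the flagged control flow, added here as a triage example (not Cassandra code and not part of the original report). It relies only on what the excerpt shows: line 449 uses `statement`, `statementOptions` and `timestamp`, which are declared inside the `for` body, so the dereference sits inside the loop. `CasRequestFlow`, `CasRequest`, `run` and `initialKey` are hypothetical names, and the state of `key` before line 415 is an assumption because its declaration is not in the excerpt.

```java
import java.util.List;

// Reduced model of the control flow in the excerpt (lines 412-450).
// All names here are hypothetical stand-ins, not Cassandra classes.
public class CasRequestFlow {
    static final class CasRequest {
        final String key;
        int updates;
        CasRequest(String key) { this.key = key; }
        void addRowUpdate(String statement) { updates++; }
    }

    // initialKey models the state of `key` before line 415 (assumption: not shown in the excerpt).
    static int run(List<String> partitionKeys, String initialKey) {
        String key = initialKey;
        CasRequest casRequest = null;                 // line 412
        for (String pk : partitionKeys) {             // line 415
            if (key == null) {                        // line 423
                key = pk;
                casRequest = new CasRequest(key);     // line 426
            } else if (!key.equals(pk)) {             // line 428
                // Stand-in for the InvalidRequestException thrown on line 430.
                throw new IllegalArgumentException("Batch with conditions cannot span multiple partitions");
            }
            casRequest.addRowUpdate(pk);              // line 449, still inside the loop body
        }
        return casRequest == null ? 0 : casRequest.updates;
    }

    public static void main(String[] args) {
        // Empty batch: the loop body, including the dereference, never executes.
        System.out.println("empty batch    -> updates=" + run(List.of(), null));
        // key is null on entry: the first iteration assigns casRequest before it is used.
        System.out.println("two statements -> updates=" + run(List.of("pk1", "pk1"), null));
        // key already set on entry: the only path in this model that reaches line 449 with null.
        try {
            run(List.of("pk1"), "pk1");
        } catch (NullPointerException e) {
            System.out.println("key preset     -> NullPointerException");
        }
    }
}
```

In this model the finding reduces to one invariant to check in the real method: whether `key` can be non-null when the loop on line 415 starts.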