Details
-
Sub-task
-
Status: Resolved
-
Low
-
Resolution: Fixed
-
None
Description
Overview:
In May through June of 2016 a static analysis was performed on version 3.0.5 of the Cassandra source code. The analysis included an automated analysis using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The results of that analysis includes the issue below.
Issue:
In the file AlterTableStatement.java on lines 139, 190 & 192, a null dereference may occur by referencing the member validator, which can be assigned null on line 96. at the beginning of the method announceMigration.
AlterTableStatement.java, lines 88-139: 088 public Event.SchemaChange announceMigration(boolean isLocalOnly) throws RequestValidationException 089 { . . . 096 CQL3Type validator = this.validator == null ? null : this.validator.prepare(keyspace()); . . . 108 switch (oType) 109 { 110 case ADD: . . . 138 139 AbstractType<?> type = validator.getType();