Details
-
Sub-task
-
Status: Resolved
-
Normal
-
Resolution: Not A Problem
-
None
-
None
-
None
Description
Overview:
In May through June of 2016 a static analysis was performed on version 3.0.5 of the Cassandra source code. The analysis included an automated analysis using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The results of that analysis includes the issue below.
Issue:
In the file ReplicationAwareTokenAllocator.java on line 189 the object curr may be null causing a null dereference.
The member first is initialized to null on line 175. If the for loop that begins on line 176 is never entered, curr will be assigned the value of first (which would be null in this example) on line 185. This will result in a null dereference on line 189.
ReplicationAwareTokenAllocator.java, lines 171-193: 171 private TokenInfo<Unit> createTokenInfos(Map<Unit, UnitInfo<Unit>> units, GroupInfo newUnitGroup) 172 { 173 // build the circular list 174 TokenInfo<Unit> prev = null; 175 TokenInfo<Unit> first = null; 176 for (Map.Entry<Token, Unit> en : sortedTokens.entrySet()) 177 { 178 Token t = en.getKey(); 179 UnitInfo<Unit> ni = units.get(en.getValue()); 180 TokenInfo<Unit> ti = new TokenInfo<>(t, ni); 181 first = ti.insertAfter(first, prev); 182 prev = ti; 183 } 184 185 TokenInfo<Unit> curr = first; 186 do 187 { 188 populateTokenInfoAndAdjustUnit(curr, newUnitGroup); 189 curr = curr.next; 190 } while (curr != first); 191 192 return first; 193 }