nutzam
Several potential NullPointerException bugs.
Hi all,
Our tool has found several potential NPE bugs.
-
The method
calculateItemreturns null when the parameterobjis null. However, after checking several call sites of this method, we found that most of them don't handle the null case. For example,Number rval = (Number) calculateItem(this.right);in the methodcalculateassigns the return value of to variablerval. Then, the variable is used without checking whether it is null. Only two implementations ofcalculatein classAndOptandOrOptcheck whether the return value ofcalculateItemis null or not. -
visitJumpInsninvokescurrentBlock.frame.execute(opcode, 0, null, null);at line 1021. The third argument is used inpush(cw, item.strVal1);at method execute. Then, the null value may be dereferenced in the methodpush2.1. Similar to the second one,visitVarInsnalso invokescurrentBlock.frame.execute(opcode, var, null, null);at line 795. 2.2. Similarily,visitIntInsninvokescurrentBlock.frame.execute(opcode, operand, null, null);at line 770. 2.3. The remaining potential NPE bugs with this pattern includes: 1011, 368 -
The method
readUTF8may return null at line 2452. Then the return value is used byhttps://github.com/nutzam/nutz/tree/v1.r.68.v20191031/src/org/nutz/repo/org/objectweb/asm/ClassReader.javaat line 2557. Then it calls methodgetObjectTypeand uses the parameter inchar[] buf = internalName.toCharArray();at line 228 -
The second argument of
mv.visitTypeInsn(CHECKCAST, type.getClassName().replace('.', '/'));at line 109 may return null due to the line 576
Thanks
Hi, we have reported the bugs a while ago would you please take a look and confirm if they are real bugs. We have been conducting an experiment to measure the accuracy of our static checker. We would be deeply appreciated if you can provide some feedback!
yes, it will NPE. but, all code under package "org.nutz.repo.org.objectweb.asm" is copy from ASM 6.1.1. We don't do any change on it.
Maybe, we wiil upgrade to ASM 7.x, someday.
