
buildSrc's PluginXmlParser will NPE if a parameter has no description

Open HermioneSW opened this issue 5 years ago • 6 comments

Hi, we are developing a new static analysis tool for catching bugs in Java code. Upon scanning your codebase we find the following:

In PluginXmlParser.java (buildSrc/src/main/java/org/springframework/boot/build/mavenplugin/PluginXmlParser.java), method parseParameter at line 100: in the function call format(textAt("description", parameterNode)) at line 104, textAt could potentially return a null pointer at line 63. Then in function format at line 112, input.replace may trigger a null pointer dereference.

Would you please take a look and confirm this is indeed a bug? Thanks a million!!!

HermioneSW avatar Apr 09 '20 00:04 HermioneSW

Thanks for the report. Yes, in theory it's possible for a NullPointerException to occur when textAt returns null and it's then passed into format where it's dereferenced. In practice, description is always present so the problem won't occur but we should make that clearer in the code.

wilkinsona avatar Apr 09 '20 07:04 wilkinsona

Thanks @wilkinsona for the comment. That helps!

HermioneSW avatar Apr 09 '20 18:04 HermioneSW

Reopening as we still need to do something about this based on Andy's comment above.

mbhave avatar Apr 09 '20 18:04 mbhave

Do you think that returning an empty String from the format method, when the parameter is null, is a good solution?

RicardoRFaria avatar Apr 16 '20 12:04 RicardoRFaria

@RicardoRFaria I've edited your comment to remove "guys". While it may seem a small thing, some people feel excluded by "guys" and we don't want them to.

snicoll avatar Apr 16 '20 12:04 snicoll

@snicoll I appreciate your feedback, sorry about that.

RicardoRFaria avatar Apr 16 '20 12:04 RicardoRFaria
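
The two options raised in this thread (stating in code that description is required, versus returning an empty String for null), shown side by side as an added example that is not part of the original issue or Spring Boot's code. The method bodies, the class name, the `requiredTextAt` and `formatOrEmpty` helpers, the `<code>` replacement and the sample XML are all assumptions made for illustration; only the names textAt and format come from the report.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.xpath.*;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

// Added illustration: bodies and sample XML are constructed, not the project's code.
public class MissingDescriptionDemo {
    private static final XPath XPATH = XPathFactory.newInstance().newXPath();

    // Returns null when the child element is absent: the case the report describes.
    static String textAt(String path, Node source) throws Exception {
        Node node = (Node) XPATH.evaluate(path, source, XPathConstants.NODE);
        return (node != null) ? node.getTextContent() : null;
    }

    // Option 1: make the invariant explicit and fail with a message naming the parameter.
    static String requiredTextAt(String path, Node source) throws Exception {
        String text = textAt(path, source);
        if (text == null) {
            throw new IllegalStateException(
                    "Parameter '" + textAt("name", source) + "' has no <" + path + "> element");
        }
        return text;
    }

    // Option 2: tolerate null; a missing description silently becomes empty output.
    static String formatOrEmpty(String input) {
        return (input != null) ? input.replace("<code>", "`").replace("</code>", "`") : "";
    }

    public static void main(String[] args) throws Exception {
        String xml = "<parameters>"  // constructed sample input
                + "<parameter><name>skip</name><description>Skip the run.</description></parameter>"
                + "<parameter><name>undocumented</name></parameter></parameters>";
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Node root = factory.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)))
                .getDocumentElement();
        NodeList params = (NodeList) XPATH.evaluate("parameter", root, XPathConstants.NODESET);
        for (int i = 0; i < params.getLength(); i++) {
            Node p = params.item(i);
            System.out.println("tolerant: [" + formatOrEmpty(textAt("description", p)) + "]");
            try {
                System.out.println("strict:   [" + requiredTextAt("description", p) + "]");
            } catch (IllegalStateException ex) {
                System.out.println("strict:   " + ex.getMessage());
            }
        }
    }
}
```

For the second parameter the tolerant path prints an empty description while the strict path reports which parameter is missing its element, which is the trade-off between the two suggestions.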