[jira] [Work logged] (CLI-283) Missing Null pointer checks in CommandLine.java

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Work logged] (CLI-283) Missing Null pointer checks in CommandLine.java

Bruno P. Kinoshita (Jira)

     [ https://issues.apache.org/jira/browse/CLI-283?focusedWorklogId=340372&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-340372 ]

ASF GitHub Bot logged work on CLI-283:
--------------------------------------

                Author: ASF GitHub Bot
            Created on: 08/Nov/19 06:49
            Start Date: 08/Nov/19 06:49
    Worklog Time Spent: 10m
      Work Description: dilraj45 commented on pull request #24: CLI-283 Fixes bugs in CommandLine.java which could possible lead to Null pointer
URL: https://github.com/apache/commons-cli/pull/24
 
 
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[hidden email]


Issue Time Tracking
-------------------

            Worklog Id:     (was: 340372)
    Remaining Estimate: 0h
            Time Spent: 10m

> Missing Null pointer checks in CommandLine.java
> -----------------------------------------------
>
>                 Key: CLI-283
>                 URL: https://issues.apache.org/jira/browse/CLI-283
>             Project: Commons CLI
>          Issue Type: Bug
>          Components: CLI-2.x
>    Affects Versions: 1.4
>            Reporter: Dilraj Singh
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> - [CommandLine.java #L233 |https://github.com/apache/commons-cli/blob/b0024d482050a08efc36c3cabee37c0af0e57a10/src/main/java/org/apache/commons/cli/CommandLine.java#L233]
>  Method call to `getValuesList()` returns the possible values of `Option` for which it is called as List or returns `null`. In case it returns `null`, `addAll()` method call on type `List` with `null` as an argument will lead to a NullPointerException. This can be prevented by explicitly checking and handling the cases when it might return null. I have made changes for the same
>  - [CommandLine.java #L260 |https://github.com/apache/commons-cli/blob/b0024d482050a08efc36c3cabee37c0af0e57a10/src/main/java/org/apache/commons/cli/CommandLine.java#L260]
>  As per the implementation of `stripLeadingHyphens(String)`, there exists cases when it might return `null`. And calling `equals` method on a null return value ([#L263 |https://github.com/apache/commons-cli/blob/b0024d482050a08efc36c3cabee37c0af0e57a10/src/main/java/org/apache/commons/cli/CommandLine.java#L263]) will lead to null pointer exception. So as to prevent this I have made changes to explicitly return null in case `stripLeadingHyphens` returns null
>  - [CommandLine.java #L472 |https://github.com/apache/commons-cli/blob/b0024d482050a08efc36c3cabee37c0af0e57a10/src/main/java/org/apache/commons/cli/CommandLine.java#L472
>  There is a possibility that `addOption` method is called with null as an argument. In that case we will be adding null values to our list of processed options (as `List` does not thrown any null pointer exception even if `add` method is called with null values). So as to prevent this we need to make sure that value that we are adding to list of processed option is not null.
> I have created a pull request for addressing these issues, [see|https://github.com/apache/commons-cli/pull/24]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)