Closed
Bug 1258703
Opened 8 years ago
Closed 8 years ago
[Static Analysis][Dereference null return value] In function Reporter::receivedGpsMessage
Categories
(Firefox for Android Graveyard :: General, defect)
Firefox for Android Graveyard
General
Tracking
(firefox48 fixed)
RESOLVED
FIXED
Firefox 48
Tracking | Status | |
---|---|---|
firefox48 | --- | fixed |
People
(Reporter: andi, Assigned: andi)
References
(Blocks 1 open bug)
Details
(Keywords: coverity, Whiteboard: CID 123978 )
Attachments
(1 file)
The Static Analysis tool Coverity added that variable |subject| is used without being null checked, thus leading to a potential null pointer dereference: >> String subject = intent.getStringExtra(Intent.EXTRA_SUBJECT); >> if (subject.equals(GPSScanner.SUBJECT_NEW_LOCATION)) { >> reportCollectedLocation(); >> Location newPosition = intent.getParcelableExtra(GPSScanner.NEW_LOCATION_ARG_LOCATION); >> mBundle = (newPosition != null) ? new StumblerBundle(newPosition, mPhoneType) : mBundle; >> } getStringExtra can return null: >> public String getStringExtra(String name) { >> return mExtras == null ? null : mExtras.getString(name); >> }
Assignee | ||
Comment 1•8 years ago
|
||
Review commit: https://reviewboard.mozilla.org/r/41747/diff/#index_header See other reviews: https://reviewboard.mozilla.org/r/41747/
Attachment #8733375 -
Flags: review?(s.kaspari)
Updated•8 years ago
|
Attachment #8733375 -
Flags: review?(s.kaspari)
Comment 2•8 years ago
|
||
Comment on attachment 8733375 [details] MozReview Request: Bug 1258703 - avoid null pointer dereference on |subject|. r?sebastian https://reviewboard.mozilla.org/r/41747/#review38175 The change looks good to me. There's also an upstream version of Stumbler on Github: https://github.com/mozilla/MozStumbler I wonder if we fix those bugs on github and merge them back to mozilla-central or if we fix both projects independently. I'll flag and ask Victor. :) ::: mobile/android/stumbler/java/org/mozilla/mozstumbler/service/stumblerthread/Reporter.java:109 (Diff revision 1) > putCellResults(results); > } > > private void receivedGpsMessage(Intent intent) { > String subject = intent.getStringExtra(Intent.EXTRA_SUBJECT); > - if (subject.equals(GPSScanner.SUBJECT_NEW_LOCATION)) { > + if (subject != null && subject.equals(GPSScanner.SUBJECT_NEW_LOCATION)) { We often avoid those NullPointerException(s) by reversing the equals call (and assuming the constants is never null): if (GPSScanner.SUBJECT_NEW_LOCATION.equals(subject)) { .. }
Comment 3•8 years ago
|
||
@Victor: This is a change in the Stumbler code base and I saw that you are maintaining it on GitHub. Is this completely independent from mozilla-central or should we fix this only in one place and regularly merge between the two projects?
Flags: needinfo?(vng)
Comment 4•8 years ago
|
||
The codebase has diverged pretty significantly since we landed the patches into mozilla central, so I've applied a backport of your patch to the main stumbler source tree. https://github.com/mozilla/MozStumbler/pull/1752 Thanks Sebastian! Which static analysis tool are you using? I'd like to see if I can have it integrated into the Travis builds so that I can also get yelled at by the robots. :)
Flags: needinfo?(vng)
Comment 5•8 years ago
|
||
Comment on attachment 8733375 [details] MozReview Request: Bug 1258703 - avoid null pointer dereference on |subject|. r?sebastian https://reviewboard.mozilla.org/r/41747/#review38181
Attachment #8733375 -
Flags: review+
Comment 6•8 years ago
|
||
(In reply to Victor Ng [:vng] [:crankycoder] from comment #4) > Thanks Sebastian! Which static analysis tool are you using? I'd like to > see if I can have it integrated into the Travis builds so that I can also > get yelled at by the robots. :) This report here is from Coverity (we are also using Android lint). I actually don't know how they are actually produced but Andi-Bogdan probably knows!
Comment 7•8 years ago
|
||
I am managing a jenkins instance here: http://relman-ci.mozilla.org/ For now, I am using scan-build, coverity & infer but happy to plug other tools. I work closely with Andi on this.
Assignee | ||
Comment 8•8 years ago
|
||
Comment on attachment 8733375 [details] MozReview Request: Bug 1258703 - avoid null pointer dereference on |subject|. r?sebastian Review request updated; see interdiff: https://reviewboard.mozilla.org/r/41747/diff/1-2/
Attachment #8733375 -
Attachment description: MozReview Request: Bug 1258703 - null check |subject| before dereferencing. r?sebastian → MozReview Request: Bug 1258703 - avoid null pointer dereference on |subject|. r?sebastian
Comment 10•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/bc476c66d225
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox48:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 48
Updated•3 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•