Closed
Bug 1258703
Opened 9 years ago
Closed 9 years ago
[Static Analysis][Dereference null return value] In function Reporter::receivedGpsMessage
Categories
(Firefox for Android Graveyard :: General, defect)
Firefox for Android Graveyard
General
Tracking
(firefox48 fixed)
RESOLVED
FIXED
Firefox 48
| Tracking | Status | |
|---|---|---|
| firefox48 | --- | fixed |
People
(Reporter: andi, Assigned: andi)
References
(Blocks 1 open bug)
Details
(Keywords: coverity, Whiteboard: CID 123978 )
Attachments
(1 file)
The Static Analysis tool Coverity added that variable |subject| is used without being null checked, thus leading to a potential null pointer dereference:
>> String subject = intent.getStringExtra(Intent.EXTRA_SUBJECT);
>> if (subject.equals(GPSScanner.SUBJECT_NEW_LOCATION)) {
>> reportCollectedLocation();
>> Location newPosition = intent.getParcelableExtra(GPSScanner.NEW_LOCATION_ARG_LOCATION);
>> mBundle = (newPosition != null) ? new StumblerBundle(newPosition, mPhoneType) : mBundle;
>> }
getStringExtra can return null:
>> public String getStringExtra(String name) {
>> return mExtras == null ? null : mExtras.getString(name);
>> }
|
Assignee | |
Comment 1•9 years ago
|
||
Review commit: https://reviewboard.mozilla.org/r/41747/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/41747/
Attachment #8733375 -
Flags: review?(s.kaspari)
|
||
Updated•9 years ago
|
Attachment #8733375 -
Flags: review?(s.kaspari)
|
|
||
Comment 2•9 years ago
|
||
Comment on attachment 8733375 [details]
MozReview Request: Bug 1258703 - avoid null pointer dereference on |subject|. r?sebastian
https://reviewboard.mozilla.org/r/41747/#review38175
The change looks good to me. There's also an upstream version of Stumbler on Github:
https://github.com/mozilla/MozStumbler
I wonder if we fix those bugs on github and merge them back to mozilla-central or if we fix both projects independently. I'll flag and ask Victor. :)
::: mobile/android/stumbler/java/org/mozilla/mozstumbler/service/stumblerthread/Reporter.java:109
(Diff revision 1)
> putCellResults(results);
> }
>
> private void receivedGpsMessage(Intent intent) {
> String subject = intent.getStringExtra(Intent.EXTRA_SUBJECT);
> - if (subject.equals(GPSScanner.SUBJECT_NEW_LOCATION)) {
> + if (subject != null && subject.equals(GPSScanner.SUBJECT_NEW_LOCATION)) {
We often avoid those NullPointerException(s) by reversing the equals call (and assuming the constants is never null):
if (GPSScanner.SUBJECT_NEW_LOCATION.equals(subject)) {
..
}
|
|
||
Comment 3•9 years ago
|
||
@Victor: This is a change in the Stumbler code base and I saw that you are maintaining it on GitHub. Is this completely independent from mozilla-central or should we fix this only in one place and regularly merge between the two projects?
Flags: needinfo?(vng)
|
||
Comment 4•9 years ago
|
||
The codebase has diverged pretty significantly since we landed the patches into mozilla central, so I've applied a backport of your patch to the main stumbler source tree.
https://github.com/mozilla/MozStumbler/pull/1752
Thanks Sebastian! Which static analysis tool are you using? I'd like to see if I can have it integrated into the Travis builds so that I can also get yelled at by the robots. :)
Flags: needinfo?(vng)
|
|
||
Comment 5•9 years ago
|
||
Comment on attachment 8733375 [details]
MozReview Request: Bug 1258703 - avoid null pointer dereference on |subject|. r?sebastian
https://reviewboard.mozilla.org/r/41747/#review38181
Attachment #8733375 -
Flags: review+
|
|
||
Comment 6•9 years ago
|
||
(In reply to Victor Ng [:vng] [:crankycoder] from comment #4)
> Thanks Sebastian! Which static analysis tool are you using? I'd like to
> see if I can have it integrated into the Travis builds so that I can also
> get yelled at by the robots. :)
This report here is from Coverity (we are also using Android lint). I actually don't know how they are actually produced but Andi-Bogdan probably knows!
|
||
Comment 7•9 years ago
|
||
I am managing a jenkins instance here: http://relman-ci.mozilla.org/
For now, I am using scan-build, coverity & infer but happy to plug other tools.
I work closely with Andi on this.
|
|
Assignee | |
Comment 8•9 years ago
|
||
Comment on attachment 8733375 [details]
MozReview Request: Bug 1258703 - avoid null pointer dereference on |subject|. r?sebastian
Review request updated; see interdiff: https://reviewboard.mozilla.org/r/41747/diff/1-2/
Attachment #8733375 -
Attachment description: MozReview Request: Bug 1258703 - null check |subject| before dereferencing. r?sebastian → MozReview Request: Bug 1258703 - avoid null pointer dereference on |subject|. r?sebastian
|
||
Comment 10•9 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox48:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 48
|
||
Updated•4 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•