[jboss-jira] [JBoss JIRA] (ELY-752) Coverity static analysis: Dereference null return value in SerializedPermissionCollection (Elytron)
Josef Cacek (JIRA)
issues at jboss.org
Tue Nov 15 10:04:01 EST 2016
[ https://issues.jboss.org/browse/ELY-752?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13322963#comment-13322963 ]
Josef Cacek commented on ELY-752:
---------------------------------
Thanks David, it was updated in the Scan results..
https://scan7.coverity.com/reports.htm#v16159/p11778/fileInstanceId=5911073&defectInstanceId=1571310&mergedDefectId=1369305
> Coverity static analysis: Dereference null return value in SerializedPermissionCollection (Elytron)
> ---------------------------------------------------------------------------------------------------
>
> Key: ELY-752
> URL: https://issues.jboss.org/browse/ELY-752
> Project: WildFly Elytron
> Issue Type: Bug
> Reporter: Josef Cacek
> Assignee: Darran Lofthouse
> Labels: static_analysis
>
> Coverity static-analysis scan found possible use of null object comming from {{SerializedPermissionCollection.readResolve()}} method.
> https://scan7.coverity.com/reports.htm#v16159/p11778/fileInstanceId=5760016&defectInstanceId=1541372&mergedDefectId=1369305
> The {{newPermissionCollection()}} call may return null in the code:
> {code}
> final PermissionCollection collection = s.newPermissionCollection();
> {code}
> It's than used without a null-check in the method:
> {code}
> for (Permission permission : p) {
> collection.add(permission);
> }
> if (r) collection.setReadOnly();
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list