[JAVA-2725] Investigate Coverity report of dereferencing a null return value in PojoBuilderHelper.​configureClassModelBuilder Created: 02/Jan/18  Updated: 28/Oct/23  Resolved: 10/Jan/18

Status: Closed
Project: Java Driver
Component/s: Internal
Affects Version/s: None
Fix Version/s: 3.7.0

Type: Task Priority: Major - P3
Reporter: Jeffrey Yemin Assignee: Ross Lawley
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

The report is as follows:

102383 Dereference null return value
If the function actually returns a null value, a NullPointerException will be thrown.
 
In org.​bson.​codecs.​pojo.​PojoBuilderHelper.​configureClassModelBuilder(org.​bson.​codecs.​pojo.​ClassModelBuilder, java.​lang.​Class): Return value of function which returns null is dereferenced without checking (CWE-476)

It's not immediately obvious whether an NPE can happen in practice, but it should be investigated and the Coverity issue updated appropriately.



 Comments   
Comment by Githook User [ 09/Jan/18 ]

Author:

{'name': 'Ross Lawley', 'username': 'rozza', 'email': 'ross.lawley@gmail.com'}

Message: Clarify the intention when getting or creating PropertyMetadata

Coverity did not like the possibility of the method returning null.
There was no risk for a NPE as the code was protected by the PropertyTypeCheck
Enum. However, it was overly complex, so splitting out the logic for
methods and fields reduces the risk of a regression in the future.

JAVA-2725
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/20d394b0320855269f4a0f11facd819f6f9e401f

Generated at Thu Feb 08 08:57:55 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.