Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SpringEntityLeakDetector throw s NPE #477

Closed
bananayong opened this issue May 3, 2019 · 1 comment · Fixed by #478
Closed

SpringEntityLeakDetector throw s NPE #477

bananayong opened this issue May 3, 2019 · 1 comment · Fixed by #478
Labels
bug
Milestone
version-1.10.0

Comments

@bananayong
Copy link
Contributor

bananayong commented May 3, 2019
edited

Environment

Component Version
Maven 3.6.0
Java jdk-11.0.2
SpotBugs 3.1.12
FindSecBugs 1.9.0

Problem

I got some problem when run spotbugs with find-sec-bugs plugin.
The issue is that SpringEntityLeakDetector throws NPE when some interface has @RequestMapping annotations.
For feign client I need to put spring MVC annotations on interface.

I think that problem is from MethodGenFactory#analyze.
That method returns null when method.getCode() == null.
So, (MethodGen methodGen = classContext.getMethodGen(m);) methodGen can be null.
NPE is thrown on List<String> classesToInspect = new ArrayList<>(Arrays.asList(methodGen.getReturnType().toString()));

It looks like to solve the issue by skipping when methodGen is null.

Is there any workaround for this problem?
Let me know please.

Thank you!

Code (If needed)

// FeignClient
public interface RemoteClient {
    @RequestMapping(path = "/hello/{name}", method = RequestMethod.GET)
    Hello hello(@PathVariable String name);
}

I made sample project to reproduce this issue.
https://github.com/bananayong/spring-entity-leak-detector-issue
@h3xstream h3xstream added the bug label May 3, 2019
bananayong added a commit to bananayong/find-sec-bugs that referenced this issue May 4, 2019
@bananayong
Skip spring detector for spring openfeign client
ff13442 
This PR fix find-sec-bugs#477
Spring cloud openfeign client uses spring mvc annotation, but these client are not controller.

Signed-off-by: Kwangyong Kim <banana.yong@gmail.com>
bananayong added a commit to bananayong/find-sec-bugs that referenced this issue May 4, 2019
@bananayong
Skip spring detector for spring openfeign client
4f78990 
This PR fix find-sec-bugs#477
Spring cloud openfeign client uses spring mvc annotation, but these client are not controller.

Signed-off-by: Kwangyong Kim <banana.yong@gmail.com>
@bananayong bananayong mentioned this issue May 4, 2019
Merged
@reitzmichnicht
Copy link

I have the same issue, but other usecase. We use the annotated interfaces to separate it from the controller code, so the controller implements the interface with the annotated methods.

@h3xstream h3xstream added this to the version-1.10.0 milestone May 7, 2019
h3xstream pushed a commit that referenced this issue Aug 20, 2019
@bananayong @h3xstream
Fix NPE when interface has spring mvc annotations (#478)
c1f895c 
Skip spring detector for spring openfeign client
This PR fix #477
@h3xstream h3xstream mentioned this issue Aug 26, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
version-1.10.0
Development

Successfully merging a pull request may close this issue.

Fix NPE when interface has spring mvc annotations bananayong/find-sec-bugs
3 participants
@h3xstream @bananayong @reitzmichnicht