search

DaveAKing / guava-libraries

Automatically exported from code.google.com/p/guava-libraries
Apache License 2.0
0 stars 0 forks source link

RegularContiguousSet.contains() may throw NullPointerException #1698

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
The method contains() in com.google.common.collect.Range contains a call to 
Preconditions.checkNotNull() for the formal parameter:

  public boolean contains(C value) { 
    checkNotNull(value);
    // let this throw CCE if there is some trickery going on
    return lowerBound.isLessThan(value) && !upperBound.isLessThan(value);
  }

That is, this method will throw a NullPointerException if value is null.

The method contains() in com.google.common.collect.RegularContiguousSet is 
implemented using Range.contains():

  @Override public boolean contains(Object object) {
    try {
      return range.contains((C) object);
    } catch (ClassCastException e) {
      return false;
    }
  }

There is no null check here, so if RegularContiguousSet.contains() is called 
with a null value, it will pass that value to Range.contains() and a 
NullPointerException will result.  This is erroneous because 
RegularContiguousSet.contains() overrides ImmutableCollection.contains() whose 
"object" parameter is explicitly annotated as @Nullable.  That is, the method 
should be able to handle a test against null:

  @Override
  public boolean contains(@Nullable Object object) {
    return object != null && Iterators.contains(iterator(), object);
  }

RegularContiguousSet.contains() should be fixed to check for null:

 @Override public boolean contains(Object object) {
    try {
      if (object == null) {
        return false;
      } else {
        return range.contains((C) object);
      }
    } catch (ClassCastException e) {
      return false;
    }
  }

Original issue reported on code.google.com by Aaron.Gr...@gmail.com on 14 Mar 2014 at 12:58

GoogleCodeExporter commented 9 years ago 
This appears to be fixed in Guava 12.0:

https://code.google.com/p/guava-libraries/source/browse/guava/src/com/google/com
mon/collect/RegularContiguousSet.java?name=release12#107

We recommend upgrading to 16.0.

Original comment by kevinb@google.com on 20 Mar 2014 at 2:41

GoogleCodeExporter commented 9 years ago 
Glad to know it was fixed.  I saw this error in the Guava source currently 
embedded in the Android project.

Original comment by Aaron.Gr...@gmail.com on 21 Mar 2014 at 5:22

GoogleCodeExporter commented 9 years ago 
This issue has been migrated to GitHub.

It can be found at https://github.com/google/guava/issues/<id>

Original comment by cgdecker@google.com on 1 Nov 2014 at 4:09

GoogleCodeExporter commented 9 years ago

Original comment by cgdecker@google.com on 3 Nov 2014 at 9:07