We are developing a new static analysis tool for catching bugs in Java code. Upon scanning your codebase we find the following:
In Frame.java (stetho/src/main/java/com/facebook/stetho/websocket/Frame.java) line 41, if hasMask is false then maskingKey will be assigned null when passed to MaskingHelper.unmask(maskingKey, payloadData, 0, (int)payloadLen) the expression key[index++ % key.length] at line 14 in MaskingHelper.java will trigger a null pointer dereference.
Would you please take a look and confirm this is indeed a bug? Thanks a million!!!
Hi,
We are developing a new static analysis tool for catching bugs in Java code. Upon scanning your codebase we find the following:
In
Frame.java
(stetho/src/main/java/com/facebook/stetho/websocket/Frame.java) line 41, ifhasMask
isfalse
thenmaskingKey
will be assignednull
when passed toMaskingHelper.unmask(maskingKey, payloadData, 0, (int)payloadLen)
the expressionkey[index++ % key.length]
at line 14 inMaskingHelper.java
will trigger a null pointer dereference.Would you please take a look and confirm this is indeed a bug? Thanks a million!!!