Possible NPE in RubyIO:rbIoClose() found by SAST #8816
Description
Our SAST shows possible NullPointerException in
jruby/core/src/main/java/org/jruby/RubyIO.java
Line 2391 in 0e43a52
jruby/core/src/main/java/org/jruby/RubyIO.java
Line 2403 in 0e43a52
Or there is a redundant null comparison.
protected IRubyObject rbIoClose(ThreadContext context) {
OpenFile fptr;
RubyIO write_io;
OpenFile write_fptr;
write_io = GetWriteIO();
if (this != write_io) {
write_fptr = write_io.openFile;
boolean locked = write_fptr.lock();
try {
if (write_fptr != null && write_fptr.fd() != null) {
write_fptr.cleanup(context.runtime, true);
}
} finally {
if (locked) write_fptr.unlock();
}
}
fptr = openFile;
boolean locked = fptr.lock();
try {
if (fptr == null) return context.nil;
if (fptr.fd() == null) return context.nil;
final Ruby runtime = context.runtime;
...
} finally {
if (locked) fptr.unlock();
}
return context.nil;
}
If write_fptr or fptr is null, then any lock attempt will cause NPE.
Environment Information
We are analyzing versions 9.4.x (8-12), but this problem is still in master
Expected Behavior
- No NPE at all. But it seems nobody catch it through the years, so i don't know if this condition exists at all
Actual Behavior
- have no tests to show this NPE, can't figure out how to make one. This is simply code analysis, that showed possible NPE