#1154 closed defect (fixed)

Evaluation of null values is not safe in QtDomainOperation

Reported by: dmisev Owned by: dmisev
Priority: major Milestone: 9.2
Component: qlparser Version: development
Keywords: Cc: pbaumann
Complexity: Medium

Description

In certain cases it can lead to null pointer exceptions like this:

#0  0x0000000000421760 in easyloggingpp::internal::RegisteredLoggers::constants() const ()
#1  0x00000000004219c1 in easyloggingpp::internal::Writer::Writer(std::string const&, unsigned int, unsigned int, char const*, char const*, unsigned long, bool, int, int) ()
#2  0x00000000005eb274 in print_stacktrace(void*) ()
#3  0x0000000000416955 in crash_handler(int, siginfo_t*, void*) ()
#4  <signal handler called>
#5  0x00000000005c84a0 in r_Sinterval::print_status(std::ostream&) const ()
#6  0x00000000005ca02e in operator<<(std::ostream&, r_Sinterval const&) ()
#7  0x00000000005d1019 in r_Minterval::print_status(std::ostream&) const ()
#8  0x00000000005d246f in operator<<(std::ostream&, r_Minterval const&) ()
#9  0x00000000005d10c2 in r_Minterval::get_string_representation() const ()
#10 0x0000000000611b80 in NullValuesHandler::getNullValues() const ()
#11 0x0000000000533caa in QtDomainOperation::evaluate(std::vector<QtData*, std::allocator<QtData*> >*) ()
#12 0x000000000063185a in QLMarrayOp::operator()(char*, r_Point const&) ()
#13 0x00000000006045e7 in Tile::execMarrayOp(MarrayOp*, r_Minterval const&, r_Minterval const&) ()
#14 0x0000000000557d29 in QtMarrayOp::evaluate(std::vector<QtData*, std::allocator<QtData*> >*) ()
#15 0x00000000005301a4 in QtCondense::computeFullCondense(std::vector<QtData*, std::allocator<QtData*> >*, r_Minterval&) ()
#16 0x00000000005324c7 in QtMinCells::evaluate(std::vector<QtData*, std::allocator<QtData*> >*) ()
#17 0x000000000063185a in QLMarrayOp::operator()(char*, r_Point const&) ()
#18 0x00000000006045e7 in Tile::execMarrayOp(MarrayOp*, r_Minterval const&, r_Minterval const&) ()
#19 0x0000000000557d29 in QtMarrayOp::evaluate(std::vector<QtData*, std::allocator<QtData*> >*) ()
#20 0x000000000050ed47 in QtOperationIterator::next() ()
#21 0x0000000000560887 in QueryTree::evaluateRetrieval() ()
#22 0x00000000004ade3b in ServerComm::executeQuery(unsigned long, char const*, ExecuteQueryRes&) ()
#23 0x000000000049b626 in RasServerEntry::compat_executeQueryRpc(char const*, ExecuteQueryRes&) ()
#24 0x00000000006a2f26 in RasnetServerComm::ExecuteQuery(grpc::ServerContext*, rasnet::service::ExecuteQueryReq const*, rasnet::service::ExecuteQueryRepl*) ()
#25 0x00000000006d0196 in grpc::Status std::_Mem_fn<grpc::Status (rasnet::service::ClientRassrvrService::Service::*)(grpc::ServerContext*, rasnet::service::ExecuteQueryReq const*, rasnet::service::ExecuteQueryRepl*)>::operator()<grpc::ServerContext*, rasnet::service::ExecuteQueryReq const*, rasnet::service::ExecuteQueryRepl*, void>(rasnet::service::ClientRassrvrService::Service*, grpc::ServerContext*&&, rasnet::service::ExecuteQueryReq const*&&, rasnet::service::ExecuteQueryRepl*&&) const ()
#26 0x00000000006c9865 in std::_Function_handler<grpc::Status (rasnet::service::ClientRassrvrService::Service*, grpc::ServerContext*, rasnet::service::ExecuteQueryReq const*, rasnet::service::ExecuteQueryRepl*), std::_Mem_fn<grpc::Status (rasnet::service::ClientRassrvrService::Service::*)(grpc::ServerContext*, rasnet::service::ExecuteQueryReq const*, rasnet::service::ExecuteQueryRepl*)> >::_M_invoke(std::_Any_data const&, rasnet::service::ClientRassrvrService::Service*, grpc::ServerContext*, rasnet::service::ExecuteQueryReq const*, rasnet::service::ExecuteQueryRepl*) ()
#27 0x00000000006e854c in std::function<grpc::Status (rasnet::service::ClientRassrvrService::Service*, grpc::ServerContext*, rasnet::service::ExecuteQueryReq const*, rasnet::service::ExecuteQueryRepl*)>::operator()(rasnet::service::ClientRassrvrService::Service*, grpc::ServerContext*, rasnet::service::ExecuteQueryReq const*, rasnet::service::ExecuteQueryRepl*) const ()
#28 0x00000000006daf6f in grpc::RpcMethodHandler<rasnet::service::ClientRassrvrService::Service, rasnet::service::ExecuteQueryReq, rasnet::service::ExecuteQueryRepl>::RunHandler(grpc::MethodHandler::HandlerParameter const&) ()
#29 0x0000000000755131 in grpc::Server::RunRpc() ()
#30 0x000000000075a421 in grpc::DynamicThreadPool::ThreadFunc() ()
#31 0x000000000075a5f3 in grpc::DynamicThreadPool::DynamicThread::ThreadFunc() ()
#32 0x00007efcaff5fdf0 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#33 0x00007efcb292b0a4 in start_thread (arg=0x7efca0dcd700) at pthread_create.c:309
#34 0x00007efcaf6f904d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Change History (1)

comment:1 Changed 14 months ago by dmisev

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.