Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Value (List<string>)value, which can have null value due to comparison with null, is dereferenced inside function _servicePrincipalNames.Load(). #94753

Open
achufistov opened this issue Nov 15, 2023 · 2 comments
Open

Value (List<string>)value, which can have null value due to comparison with null, is dereferenced inside function _servicePrincipalNames.Load(). #94753

achufistov opened this issue Nov 15, 2023 · 2 comments
Labels
area-System.DirectoryServices
Milestone
Future

Comments

@achufistov
Copy link

Description

Dotnet 6.0

File: /src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/Computer.cs:120

Problem: Value (List)value, which can have null value due to comparison with null, is dereferenced inside function _servicePrincipalNames.Load().

Reproduction Steps

Trace:

  1. Role: detected
    detected
    [Computer.cs:[120:0]]

  2. Role: compared with null
    Comparison value == null of value (List)value with null implies that (List)value can have null value
    [Computer.cs:[115:128]]

  3. Role: dereference
    3.1 Value (List)value is dereferenced inside invocation _servicePrincipalNames.Load((List)value)
    [Computer.cs:[120:21]]
    3.2 Value values is dereferenced at values.Count
    [ValueCollection.cs:[377:102]]

  4. Role: execution path
    4.1 Step 1: Condition value == null taking true branch
    [Computer.cs:[115:128]]
    4.2 Step 2: Condition propertyName == PropertyNames.ComputerServicePrincipalNames taking true branch
    [Computer.cs:[119:23]]

Expected behavior

null pointer dereference

Actual behavior

same

Regression?

No response

Known Workarounds

No response

Configuration

No response

Other information

Found by Linux Verification Center (linuxtesting.org) with SVACE.
@dotnet-issue-labeler dotnet-issue-labeler bot added the needs-area-label An area label is needed to ensure this gets routed to the appropriate area owners label Nov 15, 2023
@ghost ghost added the untriaged New issue has not been triaged by the area owner label Nov 15, 2023
@huoyaoyuan huoyaoyuan added area-System.DirectoryServices and removed needs-area-label An area label is needed to ensure this gets routed to the appropriate area owners labels Nov 15, 2023
@ghost
Copy link

ghost commented Nov 15, 2023

Tagging subscribers to this area: @dotnet/area-system-directoryservices, @jay98014
See info in area-owners.md if you want to be subscribed.

Issue Details

Description

Dotnet 6.0

File: /src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/Computer.cs:120

Problem: Value (List)value, which can have null value due to comparison with null, is dereferenced inside function _servicePrincipalNames.Load().

Reproduction Steps

Trace:

  1. Role: detected
    detected
    [Computer.cs:[120:0]]

  2. Role: compared with null
    Comparison value == null of value (List)value with null implies that (List)value can have null value
    [Computer.cs:[115:128]]

  3. Role: dereference
    3.1 Value (List)value is dereferenced inside invocation _servicePrincipalNames.Load((List)value)
    [Computer.cs:[120:21]]
    3.2 Value values is dereferenced at values.Count
    [ValueCollection.cs:[377:102]]

  4. Role: execution path
    4.1 Step 1: Condition value == null taking true branch
    [Computer.cs:[115:128]]
    4.2 Step 2: Condition propertyName == PropertyNames.ComputerServicePrincipalNames taking true branch
    [Computer.cs:[119:23]]

Expected behavior

null pointer dereference

Actual behavior

same

Regression?

No response

Known Workarounds

No response

Configuration

No response

Other information

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Author: achufistov
Assignees: -
Labels:

area-System.DirectoryServices, untriaged
Milestone: -

@buyaa-n
Copy link
Member

buyaa-n commented Nov 22, 2023

This method has several overrides and the virtual method on parent type looks safe null value. There is 2 cases where it is called with null explicitly:

runtime/src/libraries/System.DirectoryServices.AccountManagement/src/System/DirectoryServices/AccountManagement/AD/ADStoreCtx_LoadStore.cs

Line 838 in 52b4c82

p.LoadValueIntoProperty(propertyName, null);

In general, to determine if the method has nullability issue or not should be determined during nullability annotation for the project, which is tracked by #41720. I think we should close this issue as dup of #41720, what you think @achufistov?

@buyaa-n buyaa-n added this to the Future milestone Nov 22, 2023
@ghost ghost removed the untriaged New issue has not been triaged by the area owner label Nov 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area-System.DirectoryServices
Projects
None yet
Milestone
Future
Development

No branches or pull requests
3 participants
@huoyaoyuan @buyaa-n @achufistov