Ghidra: Structure Editor NPE

Created on 19 Jun 2020 · 1Comment · Source: NationalSecurityAgency/ghidra

Describe the bug
Adding undefined bytes to fast to manually fix #2007 results in a NPE.

To Reproduce
Steps to reproduce the behavior:

Get a structure with a field that is to big.
Click add undefined byte as fast as you can (before the change has propagated)
Be greeted by NPE

Expected behavior
No NPE

Attachments

stacktrace

Uncaught Exception!
NullPointerException - Cannot invoke "ghidra.program.model.data.DataTypeComponent.getDataType()" because "comp" is null
java.lang.NullPointerException: Cannot invoke "ghidra.program.model.data.DataTypeComponent.getDataType()" because "comp" is null
at ghidra.app.plugin.core.compositeeditor.StructureEditorModel.isDuplicateAllowed(StructureEditorModel.java:662)
at ghidra.app.plugin.core.compositeeditor.DuplicateAction.adjustEnablement(DuplicateAction.java:73)
at ghidra.app.plugin.core.compositeeditor.CompositeEditorTableAction.selectionChanged(CompositeEditorTableAction.java:105)
at ghidra.app.plugin.core.compositeeditor.CompositeViewerModel.lambda$selectionChanged$4(CompositeViewerModel.java:1391)
at ghidra.app.plugin.core.compositeeditor.CompositeViewerModel.lambda$updatingSelection$3(CompositeViewerModel.java:1378)
at ghidra.util.Swing.runIfSwingOrRunLater(Swing.java:124)
at ghidra.app.plugin.core.compositeeditor.CompositeViewerModel.swing(CompositeViewerModel.java:1401)
at ghidra.app.plugin.core.compositeeditor.CompositeViewerModel.updatingSelection(CompositeViewerModel.java:1374)
at ghidra.app.plugin.core.compositeeditor.CompositeViewerModel.selectionChanged(CompositeViewerModel.java:1388)
at ghidra.app.plugin.core.compositeeditor.CompEditorModel.setSelection(CompEditorModel.java:189)
at ghidra.app.plugin.core.compositeeditor.CompositeEditorPanel.lambda$createTable$5(CompositeEditorPanel.java:574)
at java.desktop/javax.swing.DefaultListSelectionModel.fireValueChanged(DefaultListSelectionModel.java:219)
at java.desktop/javax.swing.DefaultListSelectionModel.fireValueChanged(DefaultListSelectionModel.java:186)
at java.desktop/javax.swing.DefaultListSelectionModel.setValueIsAdjusting(DefaultListSelectionModel.java:723)
at java.desktop/javax.swing.plaf.basic.BasicTableUI$Handler.setValueIsAdjusting(BasicTableUI.java:972)
at java.desktop/javax.swing.plaf.basic.BasicTableUI$Handler.mouseReleased(BasicTableUI.java:1185)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.Component.processMouseEvent(Component.java:6636)
at java.desktop/javax.swing.JComponent.processMouseEvent(JComponent.java:3342)
at java.desktop/java.awt.Component.processEvent(Component.java:6401)
at java.desktop/java.awt.Container.processEvent(Container.java:2263)
at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:5012)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2321)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4844)
at java.desktop/java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4919)
at java.desktop/java.awt.LightweightDispatcher.processMouseEvent(Container.java:4548)
at java.desktop/java.awt.LightweightDispatcher.dispatchEvent(Container.java:4489)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2307)
at java.desktop/java.awt.Window.dispatchEventImpl(Window.java:2764)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4844)
at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:772)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:721)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:715)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:391)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:85)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:95)
at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:745)
at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:743)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:391)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:85)
at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:742)
at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:90)

Build Date: 2020-Jun-09 1205 EDT
Ghidra Version: 9.2
Java Home: C:\Program Files\Java\jdk-14.0.1
JVM Version: Oracle Corporation 14.0.1
OS: Windows 10 10.0 amd64
Workstation: 10.0.0.31

Environment (please complete the following information):
see stack trace

Bug

Source

astrelsky

Most helpful comment

StructureEditorModel.insert(), line 973 bumps the row index +1 to keep the current row focused, but line 979 might then delete the newly added undefined component when it gets merged into the badly-sized structure that was located just before the newly inserted undefined. (ie. the added row gets removed, but the indexes aren't updated)
This is where the problems start.
Row is now incorrect, later causing isDuplicateAllowed() to NPE because it gets a bad row index.