Critical issue "Possible null pointer dereference in xxx " about reactor framework

Hi~
It’s seems to be erroneous judgement at reactor chains calls way like the followling:

Mono<Map<String, List<BasicRankingItemInfo>>> basicRankingItemInfoGroupAsync = Flux.fromIterable(segmentList)
                .flatMap(this::searchRankingItemGroupAsync)  // reported that this line may produce npe
                .collectList()
                .map(groupMapList -> {
                   ...
                });

sonar report that Flux.fromIterable(segmentList).flatMap(...) may produce NPE, but i make sure the result of ‘Flux.fromIterable()’ can not be null. By the way, sornaqube version 7.2 and the framework is spring reactor version 3.4.21, pom as following

<dependency>
    <groupId>io.projectreactor</groupId>
    <artifactId>reactor-core</artifactId>
    <version>3.4.21</version>
</dependency>

I’ve moved your post to the section on reporting false-positives.

Take a look at this topic and adjust your post to include al the required information.

Sorry, maybe i wasn’t clear enough before, sornaqube 7.2 and reactor framework version 3.4.21 just as mentioned, so i simplified the demo code as follow:

private void test() {
        List<Integer> testList = ImmutableList.of(1, 2, 3, 4, 5, 6, 7, 8, 9, 10);
        List<List<Integer>> segmentList = Lists.partition(testList, 5);
        Mono<Map<String, List<String>>> resultAsync = Flux.fromIterable(segmentList)
                .flatMap(new Function<List<Integer>, Mono<Map<String, List<Integer>>>>() {  // Possible null pointer dereference...
                    @Override
                    public Mono<Map<String, List<Integer>>> apply(List<Integer> list) {
                        return Mono.just(ImmutableMap.of(list.get(0) + "", list));
                    }
                })
                .collectList()  // Possible null pointer dereference...
                .map(groupMapList -> new HashMap<>(0));  // // Possible null pointer dereference...
        resultAsync.subscribe(); // // Possible null pointer dereference...
    }

Hi,

Your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

7.2 → 7.9.6 → 8.9.9 → 9.6 (last step optional)

You may find the Upgrade Guide and the LTS-to-LTS Upgrade Notes helpful. If you have questions about upgrading, feel free to open a new thread for that here.

If your error persists after upgrade, please come back to us.