Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1060

Coverity static analysis, dereference after null check, KeyStoreCredentialStore (Elytron)

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • 1.1.0.Beta38
    • 1.1.0.Beta34
    • KeyStores
    • None

      Coverity static-analysis scan found possible call on null object in KeyStoreCredentialStore class:
      https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=9564274&defectInstanceId=2359189&mergedDefectId=1402109

      In if branch where flow will get only if location is null, location is dereferenced:

      KeyStoreCredentialStore.java
      if (location != null && Files.exists(location))
                  try (InputStream fileStream = Files.newInputStream(location)) {
                      keyStore.load(fileStream, getStorePassword(protectionParameter));
                      enumeration = keyStore.aliases();
                  } catch (GeneralSecurityException | IOException e) {
                      throw log.cannotInitializeCredentialStore(e);
              } else if (create) {
                  try {
                      keyStore.load(null, null);
                      enumeration = Collections.emptyEnumeration();
                  } catch (CertificateException | IOException | NoSuchAlgorithmException e) {
                      throw log.cannotInitializeCredentialStore(e);
                  }
              } else {
                  throw log.automaticStorageCreationDisabled(location.toString());
              }
      

              rhn-support-ivassile Ilia Vassilev
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: