Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1195

Coverity, Dereference after null check in KeyStoreCredentialStore (Elytron)

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • 1.1.0.Beta49
    • None
    • None
    • None

      dataLocation is dereferenced, although it is checked on null before (could be null).

      Setting Critical priority as that can cover root cause of real problem with NPE.

      KeyStoreCredentialStore.java
      try {
          if (dataLocation != null && Files.exists(dataLocation)) {
              char[] password = getStorePassword(protectionParameter);
              try (InputStream fileStream = Files.newInputStream(dataLocation)) {
                  if (useExternalStorage) {
                      externalStorage.load(fileStream);
                  } else {
                      keyStore.load(fileStream, password);
                  }
              }
              enumeration = keyStore.aliases();
          } else {
              keyStore.load(null, null);
              enumeration = Collections.emptyEnumeration();
          }
      } catch (GeneralSecurityException e) {
          throw log.cannotInitializeCredentialStore(
                  log.internalEncryptionProblem(e, dataLocation.toString()));
      }
      

      https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=20120757&defectInstanceId=4609349&mergedDefectId=1436246

            rhn-support-ivassile Ilia Vassilev
            mchoma@redhat.com Martin Choma
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: