Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1552

Coverity, Reliance on default encoding in DigestAuthenticationMechanism.

XMLWordPrintable

      In org.​wildfly.​security.​http.​impl.​DigestAuthenticationMechanism.​digestUriMatchesRequestUri(org.​wildfly.​security.​http.​HttpServerRequest, byte[]): Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable.

       private boolean digestUriMatchesRequestUri(HttpServerRequest request, byte[] digestUri) {
        if (!validateUri) {
            return true;
        }

        java.net.URI requestURI = request.getRequestURI();
        String digestUriStr = new String(digestUri);

      https://scan7.coverity.com/reports.htm#v20225/p11778/fileInstanceId=49333269&defectInstanceId=10309296&mergedDefectId=1466832

              rhn-support-ivassile Ilia Vassilev
              rhn-support-ivassile Ilia Vassilev
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: