Details
-
Bug
-
Resolution: Done
-
Critical
-
7.1.0.DR18
-
None
Description
dataLocation is dereferenced, although it is checked on null before (could be null).
Setting Critical priority as that can cover root cause of real problem with NPE.
KeyStoreCredentialStore.java
try { if (dataLocation != null && Files.exists(dataLocation)) { char[] password = getStorePassword(protectionParameter); try (InputStream fileStream = Files.newInputStream(dataLocation)) { if (useExternalStorage) { externalStorage.load(fileStream); } else { keyStore.load(fileStream, password); } } enumeration = keyStore.aliases(); } else { keyStore.load(null, null); enumeration = Collections.emptyEnumeration(); } } catch (GeneralSecurityException e) { throw log.cannotInitializeCredentialStore( log.internalEncryptionProblem(e, dataLocation.toString())); }
Attachments
Issue Links
- is cloned by
-
ELY-1195 Coverity, Dereference after null check in KeyStoreCredentialStore (Elytron)
- Resolved
- is incorporated by
-
JBEAP-11304 Upgrade WildFly Elytron to 1.1.0.Beta50
- Verified