Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.1.0.DR12
Affects Version/s: 7.1.0.DR8
Component/s: Security
Labels:

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Coverity static-analysis scan found possible call on null object in EntityUtil.encodeAlgorithmIdentifier method:
https://scan7.coverity.com/reports.htm#v16159/p11778/fileInstanceId=5760335&defectInstanceId=1541381&mergedDefectId=1369303

In the call
encodeAlgorithmIdentifier(encoder, algorithmOid(algorithm), omitParametersField);
the algorithmOid() may return null (look at Entity class).
Then the encodeAlgorithmIdentifier calls DerEncoder.encodeObjectIdentifier where on the given String is called length() method without a null check.

is cloned by

ELY-740 Coverity static analysis: Dereference null return value in EntityUtil (Elytron)

Resolved

Assignee:: Ilia Vassilev

Reporter:: Josef Cacek (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2016/11/11 7:50 AM

Updated:: 2024/09/13 3:53 PM

Resolved:: 2017/02/17 6:10 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates