Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-8793

Coverity static analysis, dereference after null check, KeyStoreCredentialStore (Elytron)

XMLWordPrintable

      Coverity static-analysis scan found possible call on null object in KeyStoreCredentialStore class:
      https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=9564274&defectInstanceId=2359189&mergedDefectId=1402109

      In if branch where flow will get only if location is null, location is dereferenced:

      KeyStoreCredentialStore.java
      if (location != null && Files.exists(location))
            try (InputStream fileStream = Files.newInputStream(location)) {
                keyStore.load(fileStream, getStorePassword(protectionParameter));
                enumeration = keyStore.aliases();
            } catch (GeneralSecurityException | IOException e) {
                throw log.cannotInitializeCredentialStore(e);
        } else if (create) {
            try {
                keyStore.load(null, null);
                enumeration = Collections.emptyEnumeration();
            } catch (CertificateException | IOException | NoSuchAlgorithmException e) {
                throw log.cannotInitializeCredentialStore(e);
            }
        } else {
            throw log.automaticStorageCreationDisabled(location.toString());
        }

              rhn-support-ivassile Ilia Vassilev
              mchoma@redhat.com Martin Choma
              Martin Choma Martin Choma
              Martin Choma Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: