]
David Lloyd reassigned ELY-610:
-------------------------------
Assignee: David Lloyd (was: Darran Lofthouse)
Missing null check in build() method of X509CertificateBuilder
--------------------------------------------------------------
Key: ELY-610
URL:
https://issues.jboss.org/browse/ELY-610
Project: WildFly Elytron
Issue Type: Bug
Affects Versions: 1.1.0.Beta7
Reporter: Ondrej Lukas
Assignee: David Lloyd
Labels: static_analysis
Fix For: 1.1.0.Beta8
Calling {{ASN1.oidFromSignatureAlgorithm(String)}} in
{{org.wildfly.security.x500.cert.X509CertificateBuilder.build()}} method on line 375 [1]
for unknown algorithms returns null which is assigned to {{signatureAlgorithmOid}} and
results to NPE thrown from {{derEncoder.encodeObjectIdentifier(signatureAlgorithmOid)}} on
line 377.
[1]
https://github.com/wildfly-security/wildfly-elytron/blob/e01a09572b02f33d...