]
Jan Kalina updated ELY-751:
---------------------------
Comment: was deleted
(was: I think you can put anything into type - it is not used on any other place
maybe lets just put "new LdapKeyStore(spi, null, "LdapRealm");"
instead (for example))
Coverity static analysis: Explicit null dereferenced in LdapKeyStore
(Elytron)
------------------------------------------------------------------------------
Key: ELY-751
URL:
https://issues.jboss.org/browse/ELY-751
Project: WildFly Elytron
Issue Type: Bug
Reporter: Josef Cacek
Assignee: Ilia Vassilev
Priority: Critical
Labels: static_analysis
Coverity static-analysis scan found possible use of null object in {{LdapKeyStore}}
constructor.
https://scan7.coverity.com/reports.htm#v16159/p11778/fileInstanceId=57601...
The {{LdapKeyStore.Builder.build()}} method constructs the {{LdapKeyStore}} instance this
way:
{code}
return new LdapKeyStore(spi, null, null);
{code}
and the constructor just calls parent ctor:
{code}
protected LdapKeyStore(KeyStoreSpi keyStoreSpi, Provider provider, String type) {
super(keyStoreSpi, provider, type);
}
{code}
And it fails with NPE if debug for {{KeyStore}} is enabled as the constructor contains:
{code}
if (!skipDebug && pdebug != null) {
pdebug.println("KeyStore." + type.toUpperCase() + " type from:
" +
this.provider.getName());
}
{code}