Martin Choma created ELY-1195: --------------------------------- Summary: Coverity, Dereference after null check in KeyStoreCredentialStore (Elytron) Key: ELY-1195 URL: https://issues.jboss.org/browse/ELY-1195 Project: WildFly Elytron Issue Type: Bug Reporter: Martin Choma Assignee: Darran Lofthouse Priority: Critical dataLocation is dereferenced, although it is checked on null before (could be null). Setting Critical priority as that can cover root cause of real problem with NPE. {code:java|title=KeyStoreCredentialStore.java} try { if (dataLocation != null && Files.exists(dataLocation)) { char[] password = getStorePassword(protectionParameter); try (InputStream fileStream = Files.newInputStream(dataLocation)) { if (useExternalStorage) { externalStorage.load(fileStream); } else { keyStore.load(fileStream, password); } } enumeration = keyStore.aliases(); } else { keyStore.load(null, null); enumeration = Collections.emptyEnumeration(); } } catch (GeneralSecurityException e) { throw log.cannotInitializeCredentialStore( log.internalEncryptionProblem(e, dataLocation.toString())); } {code} https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=20120... -- This message was sent by Atlassian JIRA (v7.2.3#72005)