[jboss-jira] [JBoss JIRA] Created: (JBID-37) Some minor bugs

Marc Schoenefeld (JIRA) jira-events at lists.jboss.org
Mon Jan 26 15:07:44 EST 2009 

Some minor bugs
---------------

                 Key: JBID-37
                 URL: https://jira.jboss.org/jira/browse/JBID-37
             Project: JBoss Identity
          Issue Type: Bug
    Affects Versions: 1.0.0.alpha1
            Reporter: Marc Schoenefeld
            Assignee: Anil Saldhana


1) Possible NPE with ldapContext

public class LDAPIdentityStoreImpl implements IdentityStore
{

 public List<SearchResult> searchIdentityObjects(IdentityStoreInvocationContext ctx,
                                                   String[] entryCtxs,
                                                   String filter,
                                                   Object[] filterArgs,
                                                   String[] returningAttributes,
                                                   Control[] requestControls) throws NamingException, IdentityException
   {

      LdapContext ldapContext = getLDAPContext(ctx);

      if (ldapContext != null)
      {
         ldapContext.setRequestControls(requestControls);
      }

      NamingEnumeration results = null;

      try
      {

         SearchControls searchControls = new SearchControls();
         searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
         searchControls.setReturningObjFlag(true);
         searchControls.setTimeLimit(getConfiguration(ctx).getSearchTimeLimit());


         if (returningAttributes != null)
         {
            searchControls.setReturningAttributes(returningAttributes);
         }


         if (entryCtxs.length == 1)
         {
            if (filterArgs == null)
            {
               results = ldapContext.search(entryCtxs[0], filter, searchControls);
            }
            else
            {
               results = ldapContext.search(entryCtxs[0], filter, filterArgs, searchControls);
            }
            return Tools.toList(results);

2) Credentials object not immutable, "value" can be changed after  creation, 

public class BinaryCredential extends AbstractCredential
{
   private final byte[] value;

   public static final SimpleCredentialType TYPE = new SimpleCredentialType("BINARY");

   public BinaryCredential(byte[] value)
   {
      super(TYPE);
==>      this.value = value;
better   this.value = value.clone();

same with public class SimpleLDAPIdentityObjectTypeConfiguration : ctxDNS

   public String[] getCtxDNs() : better return clone, don't let untrusted code modify ctxdns 

dito for SimpleLDAPIdentityObjectTypeConfiguration.allowedMembershipTypes and also in other places where mutable arrays are returned 


3) Dead code: 
 - object result in HibernateIdentityStoreImpl.getAttribute is useless
 - object iot in PersistenceManagerImpl.removeIdentity is useless
 - object names in HibernateIdentityStoreImpl.getRelationshipNames is useless



-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list