[jboss-jira] [JBoss JIRA] (WFLY-7833) Coverity: dereference null value in PermissionMapperDefinitions (Elytron subsystem)
Ilia Vassilev (JIRA)
issues at jboss.org
Wed Dec 21 11:09:00 EST 2016
[ https://issues.jboss.org/browse/WFLY-7833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ilia Vassilev updated WFLY-7833:
--------------------------------
Component/s: Security
> Coverity: dereference null value in PermissionMapperDefinitions (Elytron subsystem)
> -----------------------------------------------------------------------------------
>
> Key: WFLY-7833
> URL: https://issues.jboss.org/browse/WFLY-7833
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Josef Cacek
> Assignee: Ilia Vassilev
> Labels: static_analysis
>
> Coverity static-analysis scan found a possilbe method call on null object in the {{PermissionMapperDefinitions.createPermission}} method.
> https://scan7.coverity.com/reports.htm#v16159/p12663/fileInstanceId=6892117&defectInstanceId=1794524&mergedDefectId=1388481
> {code:java}
> Module currentModule = Module.getCallerModule();
> if (permission.getModule() != null) {
> ModuleIdentifier mi = ModuleIdentifier.fromString(permission.getModule());
> try {
> currentModule = currentModule.getModule(mi);
> {code}
> The {{currentModule}} value returned from {{Module.getCallerModule()}} may be {{null}}. The {{getModule()}} method is called on it without the null-check.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list