[jboss-jira] [JBoss JIRA] (WFCORE-2517) Coverity, Dereference after null check (Elytron subsystem)
Ilia Vassilev (JIRA)
issues at jboss.org
Fri Mar 10 08:25:00 EST 2017
[ https://issues.jboss.org/browse/WFCORE-2517?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ilia Vassilev reassigned WFCORE-2517:
-------------------------------------
Assignee: Ilia Vassilev (was: Darran Lofthouse)
> Coverity, Dereference after null check (Elytron subsystem)
> ----------------------------------------------------------
>
> Key: WFCORE-2517
> URL: https://issues.jboss.org/browse/WFCORE-2517
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Martin Choma
> Assignee: Ilia Vassilev
>
> Coverity found possible dereference of null. In this code {{defaultPolicy}} is checked for null and in next step {{defaultPolicy.equals()}} is called.
> https://scan7.coverity.com/reports.htm#v23632/p12663/fileInstanceId=10578397&defectInstanceId=2572005&mergedDefectId=1407435
> {code:java|title=PolicyParser.java}
> boolean providerFound = defaultPolicy == null;
> while (reader.hasNext() && reader.nextTag() != END_ELEMENT) {
> verifyNamespace(reader);
> String localName = reader.getLocalName();
> switch (localName) {
> // Permission Mapper
> case JACC_POLICY:
> providerFound = defaultPolicy.equals(parseJaccPolicy(addPolicy, reader, operations)) || providerFound;
> break;
> case CUSTOM_POLICY:
> providerFound = defaultPolicy.equals(parseCustomPolicy(addPolicy, reader, operations)) || providerFound;
> break;
> default:
> throw unexpectedElement(reader);
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list