[jboss-jira] [JBoss JIRA] (ELY-1552) Coverity, Reliance on default encoding in DigestAuthenticationMechanism.
Ilia Vassilev (JIRA)
issues at jboss.org
Mon Mar 26 15:33:02 EDT 2018
Ilia Vassilev created ELY-1552:
----------------------------------
Summary: Coverity, Reliance on default encoding in DigestAuthenticationMechanism.
Key: ELY-1552
URL: https://issues.jboss.org/browse/ELY-1552
Project: WildFly Elytron
Issue Type: Bug
Affects Versions: 1.2.4.Final
Reporter: Ilia Vassilev
Assignee: Ilia Vassilev
Priority: Minor
In org.wildfly.security.http.impl.DigestAuthenticationMechanism.digestUriMatchesRequestUri(org.wildfly.security.http.HttpServerRequest, byte[]): Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable.
{code}
private boolean digestUriMatchesRequestUri(HttpServerRequest request, byte[] digestUri) {
if (!validateUri) {
return true;
}
java.net.URI requestURI = request.getRequestURI();
String digestUriStr = new String(digestUri);
{code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list