This is an automated email from the ASF dual-hosted git repository. cziegeler pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/felix-dev.git
The following commit(s) were added to refs/heads/master by this push: new 030f9d646f FELIX-6711 : Potential NPE in HttpServletRequest.getPart 030f9d646f is described below commit 030f9d646f5121d62880c41d0f2e2832b675fb8f Author: Carsten Ziegeler <cziege...@apache.org> AuthorDate: Wed Jun 12 17:30:16 2024 +0200 FELIX-6711 : Potential NPE in HttpServletRequest.getPart --- http/wrappers-1.0.x/pom.xml | 16 ++++++++- .../jakartawrappers/HttpServletRequestWrapper.java | 6 +++- .../javaxwrappers/HttpServletRequestWrapper.java | 6 +++- .../HttpServletRequestWrapperTest.java | 35 ++++++++++++++++++++ .../HttpServletRequestWrapperTest.java | 38 ++++++++++++++++++++++ .../jakartawrappers/HttpServletRequestWrapper.java | 6 +++- .../javaxwrappers/HttpServletRequestWrapper.java | 6 +++- .../HttpServletRequestWrapperTest.java | 35 ++++++++++++++++++++ .../HttpServletRequestWrapperTest.java | 38 ++++++++++++++++++++++ 9 files changed, 181 insertions(+), 5 deletions(-) diff --git a/http/wrappers-1.0.x/pom.xml b/http/wrappers-1.0.x/pom.xml index 11ed0ac9f7..fc1b10fda1 100644 --- a/http/wrappers-1.0.x/pom.xml +++ b/http/wrappers-1.0.x/pom.xml @@ -39,7 +39,6 @@ <properties> <felix.java.version>11</felix.java.version> - <baseline.skip>true</baseline.skip> </properties> <build> @@ -49,6 +48,21 @@ <artifactId>maven-bundle-plugin</artifactId> <version>5.1.9</version> <extensions>true</extensions> + <executions> + <execution> + <id>bundle</id> + <phase>package</phase> + <goals> + <goal>bundle</goal> + </goals> + </execution> + <execution> + <id>baseline</id> + <goals> + <goal>baseline</goal> + </goals> + </execution> + </executions> </plugin> </plugins> </build> diff --git a/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java b/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java index 2967dd3c63..5916e74713 100644 --- a/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java +++ b/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java @@ -231,7 +231,11 @@ public class HttpServletRequestWrapper extends ServletRequestWrapper @Override public Part getPart(final String name) throws IOException, ServletException { try { - return new PartWrapper(this.request.getPart(name)); + final javax.servlet.http.Part p = this.request.getPart(name); + if (p != null) { + return new PartWrapper(p); + } + return null; } catch ( final javax.servlet.ServletException e ) { throw ServletExceptionUtil.getServletException(e); } diff --git a/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java b/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java index 7396e62db3..2cf055a4dd 100644 --- a/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java +++ b/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java @@ -227,7 +227,11 @@ public class HttpServletRequestWrapper extends ServletRequestWrapper @Override public javax.servlet.http.Part getPart(final String name) throws IOException, javax.servlet.ServletException { try { - return new PartWrapper(this.request.getPart(name)); + final Part p = this.request.getPart(name); + if (p != null) { + return new PartWrapper(p); + } + return null; } catch ( final jakarta.servlet.ServletException e ) { throw ServletExceptionUtil.getServletException(e); } diff --git a/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java b/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java new file mode 100644 index 0000000000..562cc35cea --- /dev/null +++ b/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java @@ -0,0 +1,35 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.felix.http.jakartawrappers; + +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import org.junit.Test; +import org.mockito.Mockito; + +public class HttpServletRequestWrapperTest { + + @Test public void testGetPart() throws Exception { + final javax.servlet.http.HttpServletRequest orig = Mockito.mock(javax.servlet.http.HttpServletRequest.class); + final HttpServletRequestWrapper wrapper = new HttpServletRequestWrapper(orig); + assertNull(wrapper.getPart("test")); + + Mockito.when(orig.getPart("foo")).thenReturn(Mockito.mock(javax.servlet.http.Part.class)); + assertNotNull(wrapper.getPart("foo")); + } +} diff --git a/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java b/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java new file mode 100644 index 0000000000..3900094e4f --- /dev/null +++ b/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java @@ -0,0 +1,38 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.felix.http.javaxwrappers; + +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import org.junit.Test; +import org.mockito.Mockito; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.Part; + +public class HttpServletRequestWrapperTest { + + @Test public void testGetPart() throws Exception { + final HttpServletRequest orig = Mockito.mock(HttpServletRequest.class); + final HttpServletRequestWrapper wrapper = new HttpServletRequestWrapper(orig); + assertNull(wrapper.getPart("test")); + + Mockito.when(orig.getPart("foo")).thenReturn(Mockito.mock(Part.class)); + assertNotNull(wrapper.getPart("foo")); + } +} diff --git a/http/wrappers/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java b/http/wrappers/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java index f655bc7ef6..d971ef0bdd 100644 --- a/http/wrappers/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java +++ b/http/wrappers/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java @@ -225,7 +225,11 @@ public class HttpServletRequestWrapper extends ServletRequestWrapper @Override public Part getPart(final String name) throws IOException, ServletException { try { - return new PartWrapper(this.request.getPart(name)); + final javax.servlet.http.Part part = this.request.getPart(name); + if (part != null) { + return new PartWrapper(part); + } + return null; } catch ( final javax.servlet.ServletException e ) { throw ServletExceptionUtil.getServletException(e); } diff --git a/http/wrappers/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java b/http/wrappers/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java index 32a99e4cda..b16d6c3aac 100644 --- a/http/wrappers/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java +++ b/http/wrappers/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java @@ -226,7 +226,11 @@ public class HttpServletRequestWrapper extends ServletRequestWrapper @Override public javax.servlet.http.Part getPart(final String name) throws IOException, javax.servlet.ServletException { try { - return new PartWrapper(this.request.getPart(name)); + final Part part = this.request.getPart(name); + if (part != null) { + return new PartWrapper(part); + } + return null; } catch ( final jakarta.servlet.ServletException e ) { throw ServletExceptionUtil.getServletException(e); } diff --git a/http/wrappers/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java b/http/wrappers/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java new file mode 100644 index 0000000000..562cc35cea --- /dev/null +++ b/http/wrappers/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java @@ -0,0 +1,35 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.felix.http.jakartawrappers; + +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import org.junit.Test; +import org.mockito.Mockito; + +public class HttpServletRequestWrapperTest { + + @Test public void testGetPart() throws Exception { + final javax.servlet.http.HttpServletRequest orig = Mockito.mock(javax.servlet.http.HttpServletRequest.class); + final HttpServletRequestWrapper wrapper = new HttpServletRequestWrapper(orig); + assertNull(wrapper.getPart("test")); + + Mockito.when(orig.getPart("foo")).thenReturn(Mockito.mock(javax.servlet.http.Part.class)); + assertNotNull(wrapper.getPart("foo")); + } +} diff --git a/http/wrappers/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java b/http/wrappers/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java new file mode 100644 index 0000000000..3900094e4f --- /dev/null +++ b/http/wrappers/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java @@ -0,0 +1,38 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.felix.http.javaxwrappers; + +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import org.junit.Test; +import org.mockito.Mockito; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.Part; + +public class HttpServletRequestWrapperTest { + + @Test public void testGetPart() throws Exception { + final HttpServletRequest orig = Mockito.mock(HttpServletRequest.class); + final HttpServletRequestWrapper wrapper = new HttpServletRequestWrapper(orig); + assertNull(wrapper.getPart("test")); + + Mockito.when(orig.getPart("foo")).thenReturn(Mockito.mock(Part.class)); + assertNotNull(wrapper.getPart("foo")); + } +}