This is an automated email from the ASF dual-hosted git repository.
cziegeler pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/felix-dev.git
The following commit(s) were added to refs/heads/master by this push:
new 030f9d646f FELIX-6711 : Potential NPE in HttpServletRequest.getPart
030f9d646f is described below
commit 030f9d646f5121d62880c41d0f2e2832b675fb8f
Author: Carsten Ziegeler <cziege...@apache.org>
AuthorDate: Wed Jun 12 17:30:16 2024 +0200
FELIX-6711 : Potential NPE in HttpServletRequest.getPart
---
http/wrappers-1.0.x/pom.xml | 16 ++++++++-
.../jakartawrappers/HttpServletRequestWrapper.java | 6 +++-
.../javaxwrappers/HttpServletRequestWrapper.java | 6 +++-
.../HttpServletRequestWrapperTest.java | 35 ++++++++++++++++++++
.../HttpServletRequestWrapperTest.java | 38 ++++++++++++++++++++++
.../jakartawrappers/HttpServletRequestWrapper.java | 6 +++-
.../javaxwrappers/HttpServletRequestWrapper.java | 6 +++-
.../HttpServletRequestWrapperTest.java | 35 ++++++++++++++++++++
.../HttpServletRequestWrapperTest.java | 38 ++++++++++++++++++++++
9 files changed, 181 insertions(+), 5 deletions(-)
diff --git a/http/wrappers-1.0.x/pom.xml b/http/wrappers-1.0.x/pom.xml
index 11ed0ac9f7..fc1b10fda1 100644
--- a/http/wrappers-1.0.x/pom.xml
+++ b/http/wrappers-1.0.x/pom.xml
@@ -39,7 +39,6 @@
<properties>
<felix.java.version>11</felix.java.version>
- <baseline.skip>true</baseline.skip>
</properties>
<build>
@@ -49,6 +48,21 @@
<artifactId>maven-bundle-plugin</artifactId>
<version>5.1.9</version>
<extensions>true</extensions>
+ <executions>
+ <execution>
+ <id>bundle</id>
+ <phase>package</phase>
+ <goals>
+ <goal>bundle</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>baseline</id>
+ <goals>
+ <goal>baseline</goal>
+ </goals>
+ </execution>
+ </executions>
</plugin>
</plugins>
</build>
diff --git
a/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java
b/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java
index 2967dd3c63..5916e74713 100644
---
a/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java
+++
b/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java
@@ -231,7 +231,11 @@ public class HttpServletRequestWrapper extends
ServletRequestWrapper
@Override
public Part getPart(final String name) throws IOException,
ServletException {
try {
- return new PartWrapper(this.request.getPart(name));
+ final javax.servlet.http.Part p = this.request.getPart(name);
+ if (p != null) {
+ return new PartWrapper(p);
+ }
+ return null;
} catch ( final javax.servlet.ServletException e ) {
throw ServletExceptionUtil.getServletException(e);
}
diff --git
a/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java
b/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java
index 7396e62db3..2cf055a4dd 100644
---
a/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java
+++
b/http/wrappers-1.0.x/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java
@@ -227,7 +227,11 @@ public class HttpServletRequestWrapper extends
ServletRequestWrapper
@Override
public javax.servlet.http.Part getPart(final String name) throws
IOException, javax.servlet.ServletException {
try {
- return new PartWrapper(this.request.getPart(name));
+ final Part p = this.request.getPart(name);
+ if (p != null) {
+ return new PartWrapper(p);
+ }
+ return null;
} catch ( final jakarta.servlet.ServletException e ) {
throw ServletExceptionUtil.getServletException(e);
}
diff --git
a/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java
b/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java
new file mode 100644
index 0000000000..562cc35cea
--- /dev/null
+++
b/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.felix.http.jakartawrappers;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import org.junit.Test;
+import org.mockito.Mockito;
+
+public class HttpServletRequestWrapperTest {
+
+ @Test public void testGetPart() throws Exception {
+ final javax.servlet.http.HttpServletRequest orig =
Mockito.mock(javax.servlet.http.HttpServletRequest.class);
+ final HttpServletRequestWrapper wrapper = new
HttpServletRequestWrapper(orig);
+ assertNull(wrapper.getPart("test"));
+
+
Mockito.when(orig.getPart("foo")).thenReturn(Mockito.mock(javax.servlet.http.Part.class));
+ assertNotNull(wrapper.getPart("foo"));
+ }
+}
diff --git
a/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java
b/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java
new file mode 100644
index 0000000000..3900094e4f
--- /dev/null
+++
b/http/wrappers-1.0.x/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.felix.http.javaxwrappers;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.Part;
+
+public class HttpServletRequestWrapperTest {
+
+ @Test public void testGetPart() throws Exception {
+ final HttpServletRequest orig = Mockito.mock(HttpServletRequest.class);
+ final HttpServletRequestWrapper wrapper = new
HttpServletRequestWrapper(orig);
+ assertNull(wrapper.getPart("test"));
+
+ Mockito.when(orig.getPart("foo")).thenReturn(Mockito.mock(Part.class));
+ assertNotNull(wrapper.getPart("foo"));
+ }
+}
diff --git
a/http/wrappers/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java
b/http/wrappers/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java
index f655bc7ef6..d971ef0bdd 100644
---
a/http/wrappers/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java
+++
b/http/wrappers/src/main/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapper.java
@@ -225,7 +225,11 @@ public class HttpServletRequestWrapper extends
ServletRequestWrapper
@Override
public Part getPart(final String name) throws IOException,
ServletException {
try {
- return new PartWrapper(this.request.getPart(name));
+ final javax.servlet.http.Part part = this.request.getPart(name);
+ if (part != null) {
+ return new PartWrapper(part);
+ }
+ return null;
} catch ( final javax.servlet.ServletException e ) {
throw ServletExceptionUtil.getServletException(e);
}
diff --git
a/http/wrappers/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java
b/http/wrappers/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java
index 32a99e4cda..b16d6c3aac 100644
---
a/http/wrappers/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java
+++
b/http/wrappers/src/main/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapper.java
@@ -226,7 +226,11 @@ public class HttpServletRequestWrapper extends
ServletRequestWrapper
@Override
public javax.servlet.http.Part getPart(final String name) throws
IOException, javax.servlet.ServletException {
try {
- return new PartWrapper(this.request.getPart(name));
+ final Part part = this.request.getPart(name);
+ if (part != null) {
+ return new PartWrapper(part);
+ }
+ return null;
} catch ( final jakarta.servlet.ServletException e ) {
throw ServletExceptionUtil.getServletException(e);
}
diff --git
a/http/wrappers/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java
b/http/wrappers/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java
new file mode 100644
index 0000000000..562cc35cea
--- /dev/null
+++
b/http/wrappers/src/test/java/org/apache/felix/http/jakartawrappers/HttpServletRequestWrapperTest.java
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.felix.http.jakartawrappers;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import org.junit.Test;
+import org.mockito.Mockito;
+
+public class HttpServletRequestWrapperTest {
+
+ @Test public void testGetPart() throws Exception {
+ final javax.servlet.http.HttpServletRequest orig =
Mockito.mock(javax.servlet.http.HttpServletRequest.class);
+ final HttpServletRequestWrapper wrapper = new
HttpServletRequestWrapper(orig);
+ assertNull(wrapper.getPart("test"));
+
+
Mockito.when(orig.getPart("foo")).thenReturn(Mockito.mock(javax.servlet.http.Part.class));
+ assertNotNull(wrapper.getPart("foo"));
+ }
+}
diff --git
a/http/wrappers/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java
b/http/wrappers/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java
new file mode 100644
index 0000000000..3900094e4f
--- /dev/null
+++
b/http/wrappers/src/test/java/org/apache/felix/http/javaxwrappers/HttpServletRequestWrapperTest.java
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.felix.http.javaxwrappers;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.Part;
+
+public class HttpServletRequestWrapperTest {
+
+ @Test public void testGetPart() throws Exception {
+ final HttpServletRequest orig = Mockito.mock(HttpServletRequest.class);
+ final HttpServletRequestWrapper wrapper = new
HttpServletRequestWrapper(orig);
+ assertNull(wrapper.getPart("test"));
+
+ Mockito.when(orig.getPart("foo")).thenReturn(Mockito.mock(Part.class));
+ assertNotNull(wrapper.getPart("foo"));
+ }
+}
