[jira] [Created] (KNOX-740) Address new coverity scan issues

Sumit Gupta (JIRA) Fri, 19 Aug 2016 10:24:47 -0700

Sumit Gupta created KNOX-740:
--------------------------------

             Summary: Address new coverity scan issues
                 Key: KNOX-740
                 URL: https://issues.apache.org/jira/browse/KNOX-740
             Project: Apache Knox
          Issue Type: Bug
            Reporter: Sumit Gupta
             Fix For: 0.10.0



 New defect(s) Reported-by: Coverity Scan
    Showing 3 of 3 defect(s)
    
    
    ** CID 1361684:  Null pointer dereferences  (NULL_RETURNS)
    
/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
 140 in 
org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
    
    
    
________________________________________________________________________________________________________
    *** CID 1361684:  Null pointer dereferences  (NULL_RETURNS)
    
/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
 140 in 
org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
    134                         ShiroLog.failedLoginAttempt(e.getCause());
    135                         throw new AuthenticationException(e);
    136                 }
    137                 HashRequest.Builder builder = new HashRequest.Builder();
    138                 Hash credentialsHash = hashService
    139                                 
.computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
    >>>     CID 1361684:  Null pointer dereferences  (NULL_RETURNS)
    >>>     Calling a method on null object "credentialsHash".
    140                 return new SimpleAuthenticationInfo(new 
UnixUserPrincipal(user) , credentialsHash.toHex(), credentialsHash.getSalt(),
    141                                 getName());
    142         }
    143    
    
    ** CID 1361683:  Null pointer dereferences  (NULL_RETURNS)
    
/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
 71 in 
org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
 javax.servlet.ServletResponse, javax.servlet.FilterChain)()
    
    
    
________________________________________________________________________________________________________
    *** CID 1361683:  Null pointer dereferences  (NULL_RETURNS)
    
/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
 71 in 
org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
 javax.servlet.ServletResponse, javax.servlet.FilterChain)()
    65         Subject subject = SecurityUtils.getSubject();
    66        
    67         // trigger call to shiro authorization realm
    68         // we use shiro authorization realm to look up groups
    69         subject.hasRole("authenticatedUser");
    70        
    >>>     CID 1361683:  Null pointer dereferences  (NULL_RETURNS)
    >>>     Calling a method on null object "subject.getPrincipal()".
    71         final String principalName = (String) 
subject.getPrincipal().toString();
    72    
    73         CallableChain callableChain = new CallableChain(request, 
response, chain);
    74         SecurityUtils.getSubject().execute(callableChain);
    75       }
    76      
    
    ** CID 1361682:  Null pointer dereferences  (FORWARD_NULL)
    
/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
 119 in 
org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
    
    
    
________________________________________________________________________________________________________
    *** CID 1361682:  Null pointer dereferences  (FORWARD_NULL)
    
/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
 119 in 
org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
    113                 UnixUserPrincipal user = 
principals.oneByType(UnixUserPrincipal.class);
    114                 if (user != null) {
    115                         roles.addAll(user.getUnixUser().getGroups());
    116                 }
    117                 
SecurityUtils.getSubject().getSession().setAttribute(SUBJECT_USER_ROLES, roles);
    118                 
SecurityUtils.getSubject().getSession().setAttribute(SUBJECT_USER_GROUPS, 
roles);
    >>>     CID 1361682:  Null pointer dereferences  (FORWARD_NULL)
    >>>     Calling a method on null object "user".
    119                 GatewayLog.lookedUpUserRoles(roles, user.getName());
    120                 return new SimpleAuthorizationInfo(roles);
    121         }
    122    
    123         @Override
    124         protected AuthenticationInfo 
doGetAuthenticationInfo(AuthenticationToken token) throws 
AuthenticationException {
    
    



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (KNOX-740) Address new coverity scan issues

Reply via email to