[ranger] branch master updated: RANGER-3427: Null Dereference in PublicApis.java

Fri, 10 Dec 2021 00:52:50 -0800 

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 07b2931  RANGER-3427: Null Dereference in PublicApis.java
07b2931 is described below

commit 07b293187838c00073a34ba63b50bbeff7069e89
Author: Mallika Gogoi <mallikagog...@gmail.com>
AuthorDate: Fri Dec 10 12:40:22 2021 +0530

    RANGER-3427: Null Dereference in PublicApis.java
    
    Signed-off-by: pradeep <prad...@apache.org>
---
 .../src/main/java/org/apache/ranger/rest/PublicAPIs.java     | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git 
a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java 
b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java
index 7df9579..bdbbc9c 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java
@@ -40,6 +40,7 @@ import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import javax.ws.rs.*;
 import javax.ws.rs.core.Context;
 
@@ -263,7 +264,10 @@ public class PublicAPIs {
                if(logger.isDebugEnabled()) {
                        logger.debug("==> PublicAPIs.createPolicy()");
                }
-               
+
+               if(vXPolicy == null) {
+                   throw 
restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, "Policy 
object is null in create policy api", false);
+               }
                RangerService service = 
serviceREST.getServiceByName(vXPolicy.getRepositoryName());
                RangerPolicy  policy  = 
serviceUtil.toRangerPolicy(vXPolicy,service);
 
@@ -293,7 +297,11 @@ public class PublicAPIs {
                if(logger.isDebugEnabled()) {
                        logger.debug("==> PublicAPIs.updatePolicy(): "  + 
vXPolicy );
                }
-               
+
+               if(vXPolicy == null) {
+                       throw 
restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, "Policy 
object is null in update policy api", false);
+               }
+
                XXPolicy existing = daoMgr.getXXPolicy().getById(id);
                if(existing == null) {
                        throw restErrorUtil.createRESTException("Policy not 
found for Id: " + id, MessageEnums.DATA_NOT_FOUND);

Reply via email to