yoavs 2004/08/30 13:27:35
Modified: catalina/src/share/org/apache/catalina/realm Tag: TOMCAT_5_0
RealmBase.java
webapps/docs Tag: TOMCAT_5_0 changelog.xml
Log:
Enhanced null checking in RealmBase#findSecurityConstraints: see Bugzilla 30624.
Revision Changes Path
No revision
No revision
1.33.2.1 +69 -6
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java
Index: RealmBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java,v
retrieving revision 1.33
retrieving revision 1.33.2.1
diff -u -r1.33 -r1.33.2.1
--- RealmBase.java 26 May 2004 15:51:25 -0000 1.33
+++ RealmBase.java 30 Aug 2004 20:27:35 -0000 1.33.2.1
@@ -417,13 +417,28 @@
boolean found = false;
for (i = 0; i < constraints.length; i++) {
SecurityCollection [] collection = constraints[i].findCollections();
-
- if (log.isDebugEnabled())
+
+ // If collection is null, continue to avoid an NPE
+ // See Bugzilla 30624
+ if ( collection == null ) {
+ continue;
+ }
+
+ if (log.isDebugEnabled()) {
log.debug(" Checking constraint '" + constraints[i] +
"' against " + method + " " + uri + " --> " +
constraints[i].included(uri, method));
+ }
+
for(int j=0; j < collection.length; j++){
String [] patterns = collection[j].findPatterns();
+
+ // If patterns is null, continue to avoid an NPE
+ // See Bugzilla 30624
+ if ( patterns == null) {
+ continue;
+ }
+
for(int k=0; k < patterns.length; k++) {
if(uri.equals(patterns[k])) {
found = true;
@@ -446,15 +461,31 @@
for (i = 0; i < constraints.length; i++) {
SecurityCollection [] collection = constraints[i].findCollections();
+
+ // If collection is null, continue to avoid an NPE
+ // See Bugzilla 30624
+ if ( collection == null ) {
+ continue;
+ }
- if (log.isDebugEnabled())
+ if (log.isDebugEnabled()) {
log.debug(" Checking constraint '" + constraints[i] +
"' against " + method + " " + uri + " --> " +
constraints[i].included(uri, method));
+ }
+
for(int j=0; j < collection.length; j++){
String [] patterns = collection[j].findPatterns();
+
+ // If patterns is null, continue to avoid an NPE
+ // See Bugzilla 30624
+ if ( patterns == null) {
+ continue;
+ }
+
boolean matched = false;
int length = -1;
+
for(int k=0; k < patterns.length; k++) {
String pattern = patterns[k];
if(pattern.startsWith("/") && pattern.endsWith("/*") &&
@@ -473,6 +504,7 @@
}
}
}
+
if(matched) {
found = true;
if(length > longest) {
@@ -481,6 +513,7 @@
}
longest = length;
}
+
if(collection[j].findMethod(method)) {
if(results == null) {
results = new ArrayList();
@@ -498,14 +531,29 @@
for (i = 0; i < constraints.length; i++) {
SecurityCollection [] collection = constraints[i].findCollections();
- if (log.isDebugEnabled())
+ // If collection is null, continue to avoid an NPE
+ // See Bugzilla 30624
+ if ( collection == null ) {
+ continue;
+ }
+
+ if (log.isDebugEnabled()) {
log.debug(" Checking constraint '" + constraints[i] +
"' against " + method + " " + uri + " --> " +
constraints[i].included(uri, method));
+ }
+
boolean matched = false;
int pos = -1;
for(int j=0; j < collection.length; j++){
String [] patterns = collection[j].findPatterns();
+
+ // If patterns is null, continue to avoid an NPE
+ // See Bugzilla 30624
+ if ( patterns == null) {
+ continue;
+ }
+
for(int k=0; k < patterns.length && !matched; k++) {
String pattern = patterns[k];
if(pattern.startsWith("*.")){
@@ -539,13 +587,28 @@
for (i = 0; i < constraints.length; i++) {
SecurityCollection [] collection = constraints[i].findCollections();
+
+ // If collection is null, continue to avoid an NPE
+ // See Bugzilla 30624
+ if ( collection == null ) {
+ continue;
+ }
- if (log.isDebugEnabled())
+ if (log.isDebugEnabled()) {
log.debug(" Checking constraint '" + constraints[i] +
"' against " + method + " " + uri + " --> " +
constraints[i].included(uri, method));
+ }
+
for(int j=0; j < collection.length; j++){
String [] patterns = collection[j].findPatterns();
+
+ // If patterns is null, continue to avoid an NPE
+ // See Bugzilla 30624
+ if ( patterns == null) {
+ continue;
+ }
+
boolean matched = false;
for(int k=0; k < patterns.length && !matched; k++) {
String pattern = patterns[k];
No revision
No revision
1.70.2.19 +3 -0 jakarta-tomcat-catalina/webapps/docs/changelog.xml
Index: changelog.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml,v
retrieving revision 1.70.2.18
retrieving revision 1.70.2.19
diff -u -r1.70.2.18 -r1.70.2.19
--- changelog.xml 30 Aug 2004 20:18:53 -0000 1.70.2.18
+++ changelog.xml 30 Aug 2004 20:27:35 -0000 1.70.2.19
@@ -33,6 +33,9 @@
<fix>
<bug>30763</bug>: added failOnError attribute to UndeployTask. (yoavs)
</fix>
+ <fix>
+ <bug>30624</bug>: Enhanced null checking in
RealmBase#findSecurityConstraints. (yoavs)
+ </fix>
</changelog>
</subsection>
<subsection name="Webapps">
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
