yoavs 2004/08/30 13:27:35 Modified: catalina/src/share/org/apache/catalina/realm Tag: TOMCAT_5_0 RealmBase.java webapps/docs Tag: TOMCAT_5_0 changelog.xml Log: Enhanced null checking in RealmBase#findSecurityConstraints: see Bugzilla 30624. Revision Changes Path No revision No revision 1.33.2.1 +69 -6 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java Index: RealmBase.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java,v retrieving revision 1.33 retrieving revision 1.33.2.1 diff -u -r1.33 -r1.33.2.1 --- RealmBase.java 26 May 2004 15:51:25 -0000 1.33 +++ RealmBase.java 30 Aug 2004 20:27:35 -0000 1.33.2.1 @@ -417,13 +417,28 @@ boolean found = false; for (i = 0; i < constraints.length; i++) { SecurityCollection [] collection = constraints[i].findCollections(); - - if (log.isDebugEnabled()) + + // If collection is null, continue to avoid an NPE + // See Bugzilla 30624 + if ( collection == null ) { + continue; + } + + if (log.isDebugEnabled()) { log.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); + } + for(int j=0; j < collection.length; j++){ String [] patterns = collection[j].findPatterns(); + + // If patterns is null, continue to avoid an NPE + // See Bugzilla 30624 + if ( patterns == null) { + continue; + } + for(int k=0; k < patterns.length; k++) { if(uri.equals(patterns[k])) { found = true; @@ -446,15 +461,31 @@ for (i = 0; i < constraints.length; i++) { SecurityCollection [] collection = constraints[i].findCollections(); + + // If collection is null, continue to avoid an NPE + // See Bugzilla 30624 + if ( collection == null ) { + continue; + } - if (log.isDebugEnabled()) + if (log.isDebugEnabled()) { log.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); + } + for(int j=0; j < collection.length; j++){ String [] patterns = collection[j].findPatterns(); + + // If patterns is null, continue to avoid an NPE + // See Bugzilla 30624 + if ( patterns == null) { + continue; + } + boolean matched = false; int length = -1; + for(int k=0; k < patterns.length; k++) { String pattern = patterns[k]; if(pattern.startsWith("/") && pattern.endsWith("/*") && @@ -473,6 +504,7 @@ } } } + if(matched) { found = true; if(length > longest) { @@ -481,6 +513,7 @@ } longest = length; } + if(collection[j].findMethod(method)) { if(results == null) { results = new ArrayList(); @@ -498,14 +531,29 @@ for (i = 0; i < constraints.length; i++) { SecurityCollection [] collection = constraints[i].findCollections(); - if (log.isDebugEnabled()) + // If collection is null, continue to avoid an NPE + // See Bugzilla 30624 + if ( collection == null ) { + continue; + } + + if (log.isDebugEnabled()) { log.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); + } + boolean matched = false; int pos = -1; for(int j=0; j < collection.length; j++){ String [] patterns = collection[j].findPatterns(); + + // If patterns is null, continue to avoid an NPE + // See Bugzilla 30624 + if ( patterns == null) { + continue; + } + for(int k=0; k < patterns.length && !matched; k++) { String pattern = patterns[k]; if(pattern.startsWith("*.")){ @@ -539,13 +587,28 @@ for (i = 0; i < constraints.length; i++) { SecurityCollection [] collection = constraints[i].findCollections(); + + // If collection is null, continue to avoid an NPE + // See Bugzilla 30624 + if ( collection == null ) { + continue; + } - if (log.isDebugEnabled()) + if (log.isDebugEnabled()) { log.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); + } + for(int j=0; j < collection.length; j++){ String [] patterns = collection[j].findPatterns(); + + // If patterns is null, continue to avoid an NPE + // See Bugzilla 30624 + if ( patterns == null) { + continue; + } + boolean matched = false; for(int k=0; k < patterns.length && !matched; k++) { String pattern = patterns[k]; No revision No revision 1.70.2.19 +3 -0 jakarta-tomcat-catalina/webapps/docs/changelog.xml Index: changelog.xml =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml,v retrieving revision 1.70.2.18 retrieving revision 1.70.2.19 diff -u -r1.70.2.18 -r1.70.2.19 --- changelog.xml 30 Aug 2004 20:18:53 -0000 1.70.2.18 +++ changelog.xml 30 Aug 2004 20:27:35 -0000 1.70.2.19 @@ -33,6 +33,9 @@ <fix> <bug>30763</bug>: added failOnError attribute to UndeployTask. (yoavs) </fix> + <fix> + <bug>30624</bug>: Enhanced null checking in RealmBase#findSecurityConstraints. (yoavs) + </fix> </changelog> </subsection> <subsection name="Webapps">
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]