summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAbhishek Koneru <akoneru@redhat.com>2012-05-31 17:04:47 -0400
committerEndi Sukma Dewata <edewata@redhat.com>2012-06-05 14:46:04 -0500
commitc2128339ba046ceb7ab32954ae07dbb4b41d4e73 (patch)
tree78b83b2992faa71ad57e83d60b25dda1470c4a0b
parent500fe4441a5d458818138cc9b536c3b19ac23dc8 (diff)
downloadpki-c2128339ba046ceb7ab32954ae07dbb4b41d4e73.tar.gz
pki-c2128339ba046ceb7ab32954ae07dbb4b41d4e73.tar.xz
pki-c2128339ba046ceb7ab32954ae07dbb4b41d4e73.zip
Fixes for Null_Returns Cases - 1 For Commit
-rw-r--r--base/ca/src/com/netscape/ca/CAService.java3
-rw-r--r--base/ca/src/com/netscape/ca/CRLIssuingPoint.java141
-rw-r--r--base/common/src/UserMessages.properties3
-rw-r--r--base/common/src/com/netscape/certsrv/util/StatsEvent.java30
-rw-r--r--base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java4
-rw-r--r--base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java12
-rw-r--r--base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java3
-rw-r--r--base/common/src/com/netscape/cmscore/connector/RequestTransfer.java7
-rw-r--r--base/common/src/com/netscape/cmscore/dbs/DBRegistry.java15
-rw-r--r--base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java7
-rw-r--r--base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java23
-rw-r--r--base/common/src/com/netscape/cmscore/logging/LogSubsystem.java4
-rw-r--r--base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java8
-rw-r--r--base/common/src/com/netscape/cmscore/security/CertificateInfo.java3
-rw-r--r--base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java13
-rw-r--r--base/kra/src/com/netscape/kra/EnrollmentService.java7
-rw-r--r--base/util/src/com/netscape/cmsutil/http/HttpMessage.java6
-rw-r--r--base/util/src/netscape/security/util/PrettyPrintFormat.java3
-rw-r--r--base/util/src/netscape/security/x509/KeyUsageExtension.java7
19 files changed, 167 insertions, 132 deletions
diff --git a/base/ca/src/com/netscape/ca/CAService.java b/base/ca/src/com/netscape/ca/CAService.java
index 21702d90c..12011ced4 100644
--- a/base/ca/src/com/netscape/ca/CAService.java
+++ b/base/ca/src/com/netscape/ca/CAService.java
@@ -1500,6 +1500,9 @@ class getCertsForChallenge implements IServant {
throws EBaseException {
BigInteger[] serialNoArray =
request.getExtDataInBigIntegerArray(CAService.SERIALNO_ARRAY);
+ if (serialNoArray == null) {
+ throw new ECAException(CMS.getLogMessage("CMS_CA_MISSING_SERIAL_NUMBER"));
+ }
X509CertImpl[] certs = new X509CertImpl[serialNoArray.length];
for (int i = 0; i < serialNoArray.length; i++) {
diff --git a/base/ca/src/com/netscape/ca/CRLIssuingPoint.java b/base/ca/src/com/netscape/ca/CRLIssuingPoint.java
index ff61970f9..56dcc2457 100644
--- a/base/ca/src/com/netscape/ca/CRLIssuingPoint.java
+++ b/base/ca/src/com/netscape/ca/CRLIssuingPoint.java
@@ -756,8 +756,9 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable {
* Initializes CRL cache and republishes CRL if requested
* Called from auto update thread (run()).
* Do not call it from init(), because it will block CMS on start.
+ * @throws EBaseException
*/
- private void initCRL() {
+ private void initCRL() throws EBaseException {
ICRLIssuingPointRecord crlRecord = null;
mLastCacheUpdate = System.currentTimeMillis() + mCacheUpdateInterval;
@@ -1709,60 +1710,65 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable {
((mEnableDailyUpdates && mDailyUpdates != null &&
mTimeListSize > 0) ||
(mEnableUpdateFreq && mAutoUpdateInterval > 0));
+ try {
+ if (mInitialized == CRL_IP_NOT_INITIALIZED)
+ initCRL();
- if (mInitialized == CRL_IP_NOT_INITIALIZED)
- initCRL();
- if (mInitialized == CRL_IP_INITIALIZED && (!mEnable))
- break;
+ if (mInitialized == CRL_IP_INITIALIZED && (!mEnable))
+ break;
- if ((mEnableCRLUpdates && mDoManualUpdate) || mDoLastAutoUpdate) {
- delay = 0;
- } else if (scheduledUpdates) {
- delay = findNextUpdate(true, false);
- }
-
- if (mEnableCRLCache && mCacheUpdateInterval > 0) {
- delay2 = mLastCacheUpdate + mCacheUpdateInterval -
- System.currentTimeMillis();
- if (delay2 < delay ||
- (!(scheduledUpdates || mDoLastAutoUpdate ||
- (mEnableCRLUpdates && mDoManualUpdate)))) {
- delay = delay2;
- if (delay <= 0) {
- doCacheUpdate = true;
- mLastCacheUpdate = System.currentTimeMillis();
+ if ((mEnableCRLUpdates && mDoManualUpdate) || mDoLastAutoUpdate) {
+ delay = 0;
+ } else if (scheduledUpdates) {
+ delay = findNextUpdate(true, false);
+ }
+
+ if (mEnableCRLCache && mCacheUpdateInterval > 0) {
+ delay2 = mLastCacheUpdate + mCacheUpdateInterval -
+ System.currentTimeMillis();
+ if (delay2 < delay ||
+ (!(scheduledUpdates || mDoLastAutoUpdate ||
+ (mEnableCRLUpdates && mDoManualUpdate)))) {
+ delay = delay2;
+ if (delay <= 0) {
+ doCacheUpdate = true;
+ mLastCacheUpdate = System.currentTimeMillis();
+ }
}
}
- }
- if (delay > 0) {
- try {
- wait(delay);
- } catch (InterruptedException e) {
- }
- } else {
- try {
- if (doCacheUpdate) {
- updateCRLCacheRepository();
- } else if (mAutoUpdateInterval > 0 || mDoLastAutoUpdate || mDoManualUpdate) {
- updateCRL();
+ if (delay > 0) {
+ try {
+ wait(delay);
+ } catch (InterruptedException e) {
}
- } catch (Exception e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_CRL",
- (doCacheUpdate) ? "update CRL cache" : "update CRL", e.toString()));
- if (Debug.on()) {
- Debug.trace((doCacheUpdate) ? "update CRL cache" : "update CRL" + " error " + e);
- Debug.printStackTrace(e);
+ } else {
+ try {
+ if (doCacheUpdate) {
+ updateCRLCacheRepository();
+ } else if (mAutoUpdateInterval > 0 || mDoLastAutoUpdate || mDoManualUpdate) {
+ updateCRL();
+ }
+ } catch (Exception e) {
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_CRL",
+ (doCacheUpdate) ? "update CRL cache" : "update CRL", e.toString()));
+ if (Debug.on()) {
+ Debug.trace((doCacheUpdate) ? "update CRL cache" : "update CRL" + " error " + e);
+ Debug.printStackTrace(e);
+ }
+ }
+ // put this here to prevent continuous loop if internal
+ // db is down.
+ if (mDoLastAutoUpdate)
+ mDoLastAutoUpdate = false;
+ if (mDoManualUpdate) {
+ mDoManualUpdate = false;
+ mSignatureAlgorithmForManualUpdate = null;
}
}
- // put this here to prevent continuous loop if internal
- // db is down.
- if (mDoLastAutoUpdate)
- mDoLastAutoUpdate = false;
- if (mDoManualUpdate) {
- mDoManualUpdate = false;
- mSignatureAlgorithmForManualUpdate = null;
- }
+ } catch (EBaseException e1) {
+ // TODO Auto-generated catch block
+ e1.printStackTrace();
}
}
}
@@ -1886,8 +1892,9 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable {
/**
* recovers CRL cache
+ * @throws EBaseException
*/
- private void recoverCRLCache() {
+ private void recoverCRLCache() throws EBaseException {
if (mEnableCacheRecovery) {
// 553815 - original filter was not aligned with any VLV index
// String filter = "(&(requeststate=complete)"+
@@ -1926,25 +1933,41 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable {
if (IRequest.REVOCATION_REQUEST.equals(request.getRequestType())) {
RevokedCertImpl revokedCert[] =
request.getExtDataInRevokedCertArray(IRequest.CERT_INFO);
- for (int j = 0; j < revokedCert.length; j++) {
- if (Debug.on()) {
- Debug.trace("recoverCRLCache R j=" + j + " length=" + revokedCert.length +
+ if (revokedCert != null) {
+ for (int j = 0; j < revokedCert.length; j++) {
+ if (Debug.on()) {
+ Debug.trace("recoverCRLCache R j=" + j + " length=" + revokedCert.length +
" SerialNumber=0x" + revokedCert[j].getSerialNumber().toString(16));
+ }
+ if (cp != null)
+ includeCert = cp.checkRevokedCertExtensions(revokedCert[j].getExtensions());
+ if (includeCert) {
+ updateRevokedCert(REVOKED_CERT, revokedCert[j].getSerialNumber(), revokedCert[j]);
+ }
}
- if (cp != null)
- includeCert = cp.checkRevokedCertExtensions(revokedCert[j].getExtensions());
- if (includeCert) {
- updateRevokedCert(REVOKED_CERT, revokedCert[j].getSerialNumber(), revokedCert[j]);
+ } else {
+ if (Debug.on()) {
+ Debug.trace("Revocation Request : Revoked Certificates is a Null or has Invalid Values");
}
+ log(ILogger.LL_FAILURE, "Revoked Certificates is a Null or has Invalid Values");
+ throw new EBaseException("Revocation Request : Revoked Certificates is a Null or has Invalid Values");
}
} else if (IRequest.UNREVOCATION_REQUEST.equals(request.getRequestType())) {
BigInteger serialNo[] = request.getExtDataInBigIntegerArray(IRequest.OLD_SERIALS);
- for (int j = 0; j < serialNo.length; j++) {
- if (Debug.on()) {
- Debug.trace("recoverCRLCache U j=" + j + " length=" + serialNo.length +
+ if (serialNo != null) {
+ for (int j = 0; j < serialNo.length; j++) {
+ if (Debug.on()) {
+ Debug.trace("recoverCRLCache U j=" + j + " length=" + serialNo.length +
" SerialNumber=0x" + serialNo[j].toString(16));
+ }
+ updateRevokedCert(UNREVOKED_CERT, serialNo[j], null);
+ }
+ } else {
+ if (Debug.on()) {
+ Debug.trace("Unrevocation Request : Serial Numbers is a Null or has Invalid Values");
}
- updateRevokedCert(UNREVOKED_CERT, serialNo[j], null);
+ log(ILogger.LL_FAILURE, "Unrevocation Request : Serial Numbers is a Null or has Invalid Values");
+ throw new EBaseException("Unrevocation Request : Serial Numbers is a Null or has Invalid Values");
}
}
}
diff --git a/base/common/src/UserMessages.properties b/base/common/src/UserMessages.properties
index 1c78c98ce..694c31d65 100644
--- a/base/common/src/UserMessages.properties
+++ b/base/common/src/UserMessages.properties
@@ -50,7 +50,7 @@ CMS_INVALID_OPERATION=Invalid operation
# ProcessCertReq servlet
# ProcessReq servelt
#######################################################
-CMS_BASE_CERT_NOT_FOUND=Certificate not found
+CMS_BASE_CERT_NOT_FOUND=Certificate not found or invalid
CMS_BASE_ENCODE_CERT_FAILED=Failed to encode certificate
CMS_BASE_NOT_TOKEN_CERT=The certificate being deleted is not a token certificate
CMS_BASE_CERT_ERROR=Certificate Error: {0}
@@ -459,6 +459,7 @@ CMS_DBS_SETBACK_MAXSERIAL=The serial number is already in use.\nYou can only set
CMS_DBS_LDIF_FAILED=Failed to create ldif file: {0}
CMS_DBS_COPY_LDIF_FAILED=Failed to copy ldif file: {0}
CMS_DBS_RECORD_NOT_FOUND=Record not found
+CMS_DBS_MISSING_OBJECT_CLASS=Missing Object Class
#######################################################
# Jobs
#
diff --git a/base/common/src/com/netscape/certsrv/util/StatsEvent.java b/base/common/src/com/netscape/certsrv/util/StatsEvent.java
index 3ee6e0d30..c431a3908 100644
--- a/base/common/src/com/netscape/certsrv/util/StatsEvent.java
+++ b/base/common/src/com/netscape/certsrv/util/StatsEvent.java
@@ -18,6 +18,8 @@
package com.netscape.certsrv.util;
import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
import java.util.Vector;
/**
@@ -34,7 +36,7 @@ public class StatsEvent {
private long mTimeTaken = 0;
private long mTimeTakenSqSum = 0;
private long mNoOfOperations = 0;
- private Vector<StatsEvent> mSubEvents = new Vector<StatsEvent>();
+ private Map<String,StatsEvent> mSubEvents = new HashMap<String,StatsEvent>();
private StatsEvent mParent = null;
public StatsEvent(StatsEvent parent) {
@@ -53,7 +55,7 @@ public class StatsEvent {
}
public void addSubEvent(StatsEvent st) {
- mSubEvents.addElement(st);
+ mSubEvents.put(st.getName(), st);
}
/**
@@ -61,10 +63,8 @@ public class StatsEvent {
*/
public Enumeration<String> getSubEventNames() {
Vector<String> names = new Vector<String>();
- Enumeration<StatsEvent> e = mSubEvents.elements();
- while (e.hasMoreElements()) {
- StatsEvent st = e.nextElement();
- names.addElement(st.getName());
+ for (String s : mSubEvents.keySet()) {
+ names.add(s);
}
return names.elements();
}
@@ -73,14 +73,7 @@ public class StatsEvent {
* Retrieves a sub transaction.
*/
public StatsEvent getSubEvent(String name) {
- Enumeration<StatsEvent> e = mSubEvents.elements();
- while (e.hasMoreElements()) {
- StatsEvent st = e.nextElement();
- if (st.getName().equals(name)) {
- return st;
- }
- }
- return null;
+ return mSubEvents.get(name);
}
public void resetCounters() {
@@ -89,11 +82,10 @@ public class StatsEvent {
mNoOfOperations = 0;
mTimeTaken = 0;
mTimeTakenSqSum = 0;
- Enumeration<String> e = getSubEventNames();
- while (e.hasMoreElements()) {
- String n = e.nextElement();
- StatsEvent c = getSubEvent(n);
- c.resetCounters();
+ for (StatsEvent c : mSubEvents.values()) {
+ if (c != null) {
+ c.resetCounters();
+ }
}
}
diff --git a/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java b/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java
index 4ad6db528..2c092f91c 100644
--- a/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java
@@ -421,8 +421,8 @@ public class AuthzSubsystem implements IAuthzSubsystem {
//String infoMsg =
// "Shutting down authz manager instance " + mgr.getName();
//log(ILogger.LL_INFO, infoMsg);
-
- mgr.shutdown();
+ if (mgr != null)
+ mgr.shutdown();
}
mAuthzMgrPlugins.clear();
mAuthzMgrInsts.clear();
diff --git a/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java b/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java
index 1aa53d9e4..dd7918bd5 100644
--- a/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java
@@ -454,10 +454,16 @@ public class CrossCertPairSubsystem implements ICrossCertPairSubsystem {
}
protected LDAPConnection getConn() throws ELdapException {
- if (mLdapConnFactory != null)
- return mLdapConnFactory.getConn();
+ if (mLdapConnFactory != null) {
+ LDAPConnection conn = mLdapConnFactory.getConn();
+ if (conn == null) {
+ throw new ELdapException("No Ldap Connection Available");
+ } else {
+ return conn;
+ }
+ }
- return null;
+ throw new ELdapException("Ldap Connection Factory is null");
}
protected void returnConn(LDAPConnection conn) throws ELdapException {
diff --git a/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java b/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java
index ddf23378a..4b35662fa 100644
--- a/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java
+++ b/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java
@@ -73,11 +73,10 @@ public class HttpPKIMessage implements IHttpPKIMessage {
+ r.getRequestId().toString() + " requestStatus=" + reqStatus + " instance=" + r);
String attrs[] = RequestTransfer.getTransferAttributes(r);
- int len = attrs.length;
String[] names = attrs;
Object value = null;
- for (int i = 0; i < len; i++) {
+ for (int i = 0; i < attrs.length; i++) {
String key = names[i];
if (r.isSimpleExtDataValue(key)) {
value = r.getExtDataInString(key);
diff --git a/base/common/src/com/netscape/cmscore/connector/RequestTransfer.java b/base/common/src/com/netscape/cmscore/connector/RequestTransfer.java
index baf076422..b3479aea0 100644
--- a/base/common/src/com/netscape/cmscore/connector/RequestTransfer.java
+++ b/base/common/src/com/netscape/cmscore/connector/RequestTransfer.java
@@ -91,12 +91,7 @@ public class RequestTransfer {
v.addElement(k);
}
CMS.debug("RequestTransfer: attribute size=" + v.size());
- if (v.size() == 0)
- return null;
- String attrs[] = new String[v.size()];
-
- v.copyInto(attrs);
- return attrs;
+ return v.toArray(new String[v.size()]);
} else {
return transferAttributes;
}
diff --git a/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java b/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java
index 63b00b6bf..2b6a63a62 100644
--- a/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java
+++ b/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java
@@ -457,25 +457,20 @@ public class DBRegistry implements IDBRegistry, ISubsystem {
* Creates object from attribute set.
*/
public IDBObj createObject(LDAPAttributeSet attrs)
- throws EBaseException {
+ throws EDBException {
// map object class attribute to object
LDAPAttribute attr = attrs.getAttribute("objectclass");
+ if (attr == null) {
+ throw new EDBException(CMS.getLogMessage("CMS_DBS_MISSING_OBJECT_CLASS"));
+ }
//CMS.debug("createObject: attrs " + attrs.toString());
attrs.remove("objectclass");
// sort the object class values
- @SuppressWarnings("unchecked")
- Enumeration<String> vals = attr.getStringValues();
- Vector<String> v = new Vector<String>();
-
- while (vals.hasMoreElements()) {
- v.addElement(vals.nextElement());
- }
- String s[] = new String[v.size()];
- v.copyInto(s);
+ String[] s = attr.getStringValueArray();
String sorted = sortAndConcate(s).toLowerCase();
NameAndObject no = mOCldapNames.get(sorted);
diff --git a/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java b/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java
index b0505c16b..71f889895 100644
--- a/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java
+++ b/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java
@@ -274,7 +274,7 @@ class PredicateTokenizer {
return (currentIndex != -1);
}
- public String nextToken() {
+ public String nextToken() throws ELdapException {
if (nextToken != null) {
String toReturn = nextToken;
@@ -322,8 +322,9 @@ class PredicateTokenizer {
}
} else {
// Cannot happen; Assert here.
- toReturn = null;
- System.out.println("We shouldn't be here!");
+ if (Debug.ON)
+ Debug.trace("Malformed expression: Null Token");
+ throw new ELdapException(CMS.getUserMessage("CMS_LDAP_BAD_LDAP_EXPRESSION"));
}
if (toReturn == null)
return null;
diff --git a/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java b/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java
index 62e4b8bef..ab99b4f06 100644
--- a/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java
+++ b/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java
@@ -493,7 +493,7 @@ public class PublisherProcessor implements
//this is the only rule we support now
LdapRule rule = (LdapRule) (mRuleInsts.get(name));
- if (rule.enabled() && rule.getType().equals(publishingType)) {
+ if (rule.enabled() && publishingType.equals(rule.getType())) {
// check if the predicate match
ILdapExpression exp = rule.getPredicate();
@@ -509,6 +509,7 @@ public class PublisherProcessor implements
if (Debug.ON)
Debug.trace("added rule " + name + " for " + publishingType);
}
+
}
return rules.elements();
}
@@ -519,24 +520,13 @@ public class PublisherProcessor implements
}
Vector<ILdapRule> rules = new Vector<ILdapRule>();
- Enumeration<String> e = mRuleInsts.keys();
+ Enumeration<ILdapRule> e = mRuleInsts.elements();
while (e.hasMoreElements()) {
- String name = e.nextElement();
-
- if (name == null) {
- if (Debug.ON)
- Debug.trace("rule name is " + "null");
- return null;
- } else {
- if (Debug.ON)
- Debug.trace("rule name is " + name);
- }
-
//this is the only rule we support now
- LdapRule rule = (LdapRule) (mRuleInsts.get(name));
+ LdapRule rule = (LdapRule) e.nextElement();
- if (rule.enabled() && rule.getType().equals(publishingType)) {
+ if (rule.enabled() && publishingType.equals(rule.getType())) {
// check if the predicate match
ILdapExpression exp = rule.getPredicate();
@@ -549,9 +539,10 @@ public class PublisherProcessor implements
rules.addElement(rule);
if (Debug.ON)
- Debug.trace("added rule " + name + " for " + publishingType +
+ Debug.trace("added rule " + rule.getInstanceName() + " for " + publishingType +
" request: " + req.getRequestId());
}
+
}
return rules.elements();
}
diff --git a/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java b/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java
index 9607cf892..82b515846 100644
--- a/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java
@@ -204,6 +204,10 @@ public class LogSubsystem implements ILogSubsystem {
try {
return cs.getString("pluginName", "");
} catch (EBaseException e) {
+ e.printStackTrace();
+ return "";
+ } catch (NullPointerException e) {
+ e.printStackTrace();
return "";
}
}
diff --git a/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java b/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java
index f6c01b041..579d9ff5b 100644
--- a/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java
+++ b/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java
@@ -75,6 +75,7 @@ public class PolicyPredicateParser {
Debug.trace("Malformed expression: " + predicateExpression);
throw new EPolicyException(CMS.getUserMessage("CMS_POLICY_BAD_POLICY_EXPRESSION", predicateExpression));
}
+
IExpression current = parseExpression(token);
boolean malformed = false;
Vector<IExpression> expSet = new Vector<IExpression>();
@@ -276,7 +277,7 @@ class PredicateTokenizer {
return (currentIndex != -1);
}
- public String nextToken() {
+ public String nextToken() throws EPolicyException {
if (nextToken != null) {
String toReturn = nextToken;
@@ -324,8 +325,9 @@ class PredicateTokenizer {
}
} else {
// Cannot happen; Assert here.
- toReturn = null;
- System.out.println("We shouldn't be here!");
+ if (Debug.ON)
+ Debug.trace("Malformed Predicate Expression : No Tokens");
+ throw new EPolicyException("Malformed Predicate Expression : No Tokens");
}
if (toReturn == null)
return null;
diff --git a/base/common/src/com/netscape/cmscore/security/CertificateInfo.java b/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
index 914803223..040abc3c2 100644
--- a/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
+++ b/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
@@ -189,6 +189,9 @@ public abstract class CertificateInfo {
String hashtype = (String) mProperties.get(ConfigConstants.PR_HASH_TYPE);
algm = KeyCertUtil.getSigningAlgorithm(getKeyAlgorithm(), hashtype);
+ if (algm == null) {
+ throw new NoSuchAlgorithmException();
+ }
mProperties.put(Constants.PR_SIGNATURE_ALGORITHM, algm);
}
diff --git a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
index 192f2f483..95e213541 100644
--- a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
@@ -1680,9 +1680,16 @@ public final class UGSubsystem implements IUGSubsystem {
}
protected LDAPConnection getConn() throws ELdapException {
- if (mLdapConnFactory == null)
- return null;
- return mLdapConnFactory.getConn();
+ if (mLdapConnFactory != null) {
+ LDAPConnection conn = mLdapConnFactory.getConn();
+ if (conn == null) {
+ throw new ELdapException("No Ldap Connection Available");
+ } else {
+ return conn;
+ }
+ }
+
+ throw new ELdapException("Ldap Connection Factory is Unavailable");
}
protected void returnConn(LDAPConnection conn) {
diff --git a/base/kra/src/com/netscape/kra/EnrollmentService.java b/base/kra/src/com/netscape/kra/EnrollmentService.java
index c881decdf..666619cdb 100644
--- a/base/kra/src/com/netscape/kra/EnrollmentService.java
+++ b/base/kra/src/com/netscape/kra/EnrollmentService.java
@@ -734,7 +734,9 @@ public class EnrollmentService implements IService {
X509CertInfo certInfo[] =
request.getExtDataInCertInfoArray(IRequest.CERT_INFO);
CertificateX509Key pX509Key = null;
-
+ if (certInfo == null) {
+ throw new EBaseException(CMS.getLogMessage("CMS_BASE_CERT_NOT_FOUND"));
+ }
try {
pX509Key = (CertificateX509Key)
certInfo[i].get(X509CertInfo.KEY);
@@ -785,6 +787,9 @@ public class EnrollmentService implements IService {
X509CertInfo certInfo[] =
request.getExtDataInCertInfoArray(IRequest.CERT_INFO);
+ if (certInfo == null) {
+ throw new EBaseException(CMS.getLogMessage("CMS_BASE_CERT_NOT_FOUND"));
+ }
CertificateSubjectName pSub = null;
try {
diff --git a/base/util/src/com/netscape/cmsutil/http/HttpMessage.java b/base/util/src/com/netscape/cmsutil/http/HttpMessage.java
index 398f38400..44f608900 100644
--- a/base/util/src/com/netscape/cmsutil/http/HttpMessage.java
+++ b/base/util/src/com/netscape/cmsutil/http/HttpMessage.java
@@ -119,9 +119,9 @@ public class HttpMessage {
throws IOException {
String line = reader.readLine();
- // if (line == null) {
- // throw new HttpEofException("End of stream reached");
- // }
+ if (line == null) {
+ throw new HttpEofException("End of stream reached");
+ }
if (line.equals("")) {
throw new HttpProtocolException("Bad Http req/resp line " + line);
}
diff --git a/base/util/src/netscape/security/util/PrettyPrintFormat.java b/base/util/src/netscape/security/util/PrettyPrintFormat.java
index 4bbc87936..30ae33b10 100644
--- a/base/util/src/netscape/security/util/PrettyPrintFormat.java
+++ b/base/util/src/netscape/security/util/PrettyPrintFormat.java
@@ -102,6 +102,9 @@ public class PrettyPrintFormat {
public String toHexString(byte[] in, int indentSize,
int lineLen, String separator) {
+ if (in == null) {
+ return "";
+ }
StringBuffer sb = new StringBuffer();
int hexCount = 0;
char c[];
diff --git a/base/util/src/netscape/security/x509/KeyUsageExtension.java b/base/util/src/netscape/security/x509/KeyUsageExtension.java
index 15bf29b83..8cbfc880a 100644
--- a/base/util/src/netscape/security/x509/KeyUsageExtension.java
+++ b/base/util/src/netscape/security/x509/KeyUsageExtension.java
@@ -210,7 +210,12 @@ public class KeyUsageExtension extends Extension
}
this.extensionValue = extValue;
DerValue val = new DerValue(extValue);
- this.bitString = val.getUnalignedBitString().toBooleanArray();
+ BitArray bitArray = val.getUnalignedBitString();
+ if (bitArray == null) {
+ throw new IOException("Invalid bit string");
+ }
+ this.bitString = bitArray.toBooleanArray();
+
}
/**