Bugzilla Bug #454559: OCSP returns a nullpointer exception if the request is

not provided as a parameter in the GET operation. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@65 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
author: mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2008-07-09 00:08:36 +0000
committer: mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2008-07-09 00:08:36 +0000
commit: 3b33272d5ac9634d0cfb30cbf113a0321bc3947a (patch)
tree: b0689537e47fbf01ecd8909bd6a5347ed5f4c8ee /pki/base/common/src/com/netscape/cms/servlet/ocsp
parent: 0acbe2322415c2883a3a1e135893874b79f06e7d (diff)
download: pki-3b33272d5ac9634d0cfb30cbf113a0321bc3947a.tar.gz
pki-3b33272d5ac9634d0cfb30cbf113a0321bc3947a.tar.xz
pki-3b33272d5ac9634d0cfb30cbf113a0321bc3947a.zip
1 files changed, 14 insertions, 1 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java b/pki/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java
index 6a55e88b3..ab4a1d5b2 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java
@@ -171,7 +171,10 @@ public class OCSPServlet extends CMSServlet {
               is = new ByteArrayInputStream(reqbuf);
             } else {
               // GET method
-              if (pathInfo == null) {
+              if ( (pathInfo == null)              ||
+                   (pathInfo.equals( "" ) )        ||
+                   (pathInfo.substring(1) == null) ||
+                   (pathInfo.substring(1).equals( "" ) ) ) {
                   throw new Exception("OCSPServlet: OCSP request not provided in GET method");
               }
               is = new ByteArrayInputStream(
@@ -186,7 +189,17 @@ public class OCSPServlet extends CMSServlet {
                 OCSPRequest.Template reqTemplate = 
                     new OCSPRequest.Template();
 
+                if ( (is == null) ||
+                     (is.toString().equals( "" ) ) ) {
+                    throw new Exception( "OCSPServlet: OCSP request is "
+                                       + "empty or malformed");
+                }
                 ocspReq = (OCSPRequest) reqTemplate.decode(is);
+                if ( (ocspReq == null) ||
+                     (ocspReq.toString().equals( "" ) ) ) {
+                    throw new Exception( "OCSPServlet: Decoded OCSP request "
+                                       + "is empty or malformed");
+                }
                 response = ((IOCSPService) mAuthority).validate(ocspReq);
             } catch (Exception e) {;
                 CMS.debug("OCSPServlet: " + e.toString());
author	mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2008-07-09 00:08:36 +0000
committer	mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2008-07-09 00:08:36 +0000
commit	3b33272d5ac9634d0cfb30cbf113a0321bc3947a (patch)
tree	b0689537e47fbf01ecd8909bd6a5347ed5f4c8ee /pki/base/common/src/com/netscape/cms/servlet/ocsp
parent	0acbe2322415c2883a3a1e135893874b79f06e7d (diff)
download	pki-3b33272d5ac9634d0cfb30cbf113a0321bc3947a.tar.gz pki-3b33272d5ac9634d0cfb30cbf113a0321bc3947a.tar.xz pki-3b33272d5ac9634d0cfb30cbf113a0321bc3947a.zip