diff options
author | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2008-07-09 00:08:36 +0000 |
---|---|---|
committer | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2008-07-09 00:08:36 +0000 |
commit | 3b33272d5ac9634d0cfb30cbf113a0321bc3947a (patch) | |
tree | b0689537e47fbf01ecd8909bd6a5347ed5f4c8ee /pki/base/common/src/com/netscape/cms/servlet/ocsp | |
parent | 0acbe2322415c2883a3a1e135893874b79f06e7d (diff) | |
download | pki-3b33272d5ac9634d0cfb30cbf113a0321bc3947a.tar.gz pki-3b33272d5ac9634d0cfb30cbf113a0321bc3947a.tar.xz pki-3b33272d5ac9634d0cfb30cbf113a0321bc3947a.zip |
Bugzilla Bug #454559: OCSP returns a nullpointer exception if the request is
not provided as a parameter in the GET operation.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@65 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/ocsp')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java b/pki/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java index 6a55e88b3..ab4a1d5b2 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java @@ -171,7 +171,10 @@ public class OCSPServlet extends CMSServlet { is = new ByteArrayInputStream(reqbuf); } else { // GET method - if (pathInfo == null) { + if ( (pathInfo == null) || + (pathInfo.equals( "" ) ) || + (pathInfo.substring(1) == null) || + (pathInfo.substring(1).equals( "" ) ) ) { throw new Exception("OCSPServlet: OCSP request not provided in GET method"); } is = new ByteArrayInputStream( @@ -186,7 +189,17 @@ public class OCSPServlet extends CMSServlet { OCSPRequest.Template reqTemplate = new OCSPRequest.Template(); + if ( (is == null) || + (is.toString().equals( "" ) ) ) { + throw new Exception( "OCSPServlet: OCSP request is " + + "empty or malformed"); + } ocspReq = (OCSPRequest) reqTemplate.decode(is); + if ( (ocspReq == null) || + (ocspReq.toString().equals( "" ) ) ) { + throw new Exception( "OCSPServlet: Decoded OCSP request " + + "is empty or malformed"); + } response = ((IOCSPService) mAuthority).validate(ocspReq); } catch (Exception e) {; CMS.debug("OCSPServlet: " + e.toString()); |