From c2128339ba046ceb7ab32954ae07dbb4b41d4e73 Mon Sep 17 00:00:00 2001 From: Abhishek Koneru Date: Thu, 31 May 2012 17:04:47 -0400 Subject: Fixes for Null_Returns Cases - 1 For Commit --- base/ca/src/com/netscape/ca/CAService.java | 3 + base/ca/src/com/netscape/ca/CRLIssuingPoint.java | 141 ++++++++++++--------- base/common/src/UserMessages.properties | 3 +- .../src/com/netscape/certsrv/util/StatsEvent.java | 30 ++--- .../cmscore/authorization/AuthzSubsystem.java | 4 +- .../cmscore/cert/CrossCertPairSubsystem.java | 12 +- .../netscape/cmscore/connector/HttpPKIMessage.java | 3 +- .../cmscore/connector/RequestTransfer.java | 7 +- .../src/com/netscape/cmscore/dbs/DBRegistry.java | 15 +-- .../netscape/cmscore/ldap/LdapPredicateParser.java | 7 +- .../netscape/cmscore/ldap/PublisherProcessor.java | 23 +--- .../com/netscape/cmscore/logging/LogSubsystem.java | 4 + .../cmscore/policy/PolicyPredicateParser.java | 8 +- .../netscape/cmscore/security/CertificateInfo.java | 3 + .../com/netscape/cmscore/usrgrp/UGSubsystem.java | 13 +- .../src/com/netscape/kra/EnrollmentService.java | 7 +- .../src/com/netscape/cmsutil/http/HttpMessage.java | 6 +- .../netscape/security/util/PrettyPrintFormat.java | 3 + .../netscape/security/x509/KeyUsageExtension.java | 7 +- 19 files changed, 167 insertions(+), 132 deletions(-) (limited to 'base') diff --git a/base/ca/src/com/netscape/ca/CAService.java b/base/ca/src/com/netscape/ca/CAService.java index 21702d90c..12011ced4 100644 --- a/base/ca/src/com/netscape/ca/CAService.java +++ b/base/ca/src/com/netscape/ca/CAService.java @@ -1500,6 +1500,9 @@ class getCertsForChallenge implements IServant { throws EBaseException { BigInteger[] serialNoArray = request.getExtDataInBigIntegerArray(CAService.SERIALNO_ARRAY); + if (serialNoArray == null) { + throw new ECAException(CMS.getLogMessage("CMS_CA_MISSING_SERIAL_NUMBER")); + } X509CertImpl[] certs = new X509CertImpl[serialNoArray.length]; for (int i = 0; i < serialNoArray.length; i++) { diff --git a/base/ca/src/com/netscape/ca/CRLIssuingPoint.java b/base/ca/src/com/netscape/ca/CRLIssuingPoint.java index ff61970f9..56dcc2457 100644 --- a/base/ca/src/com/netscape/ca/CRLIssuingPoint.java +++ b/base/ca/src/com/netscape/ca/CRLIssuingPoint.java @@ -756,8 +756,9 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { * Initializes CRL cache and republishes CRL if requested * Called from auto update thread (run()). * Do not call it from init(), because it will block CMS on start. + * @throws EBaseException */ - private void initCRL() { + private void initCRL() throws EBaseException { ICRLIssuingPointRecord crlRecord = null; mLastCacheUpdate = System.currentTimeMillis() + mCacheUpdateInterval; @@ -1709,60 +1710,65 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { ((mEnableDailyUpdates && mDailyUpdates != null && mTimeListSize > 0) || (mEnableUpdateFreq && mAutoUpdateInterval > 0)); + try { + if (mInitialized == CRL_IP_NOT_INITIALIZED) + initCRL(); - if (mInitialized == CRL_IP_NOT_INITIALIZED) - initCRL(); - if (mInitialized == CRL_IP_INITIALIZED && (!mEnable)) - break; + if (mInitialized == CRL_IP_INITIALIZED && (!mEnable)) + break; - if ((mEnableCRLUpdates && mDoManualUpdate) || mDoLastAutoUpdate) { - delay = 0; - } else if (scheduledUpdates) { - delay = findNextUpdate(true, false); - } - - if (mEnableCRLCache && mCacheUpdateInterval > 0) { - delay2 = mLastCacheUpdate + mCacheUpdateInterval - - System.currentTimeMillis(); - if (delay2 < delay || - (!(scheduledUpdates || mDoLastAutoUpdate || - (mEnableCRLUpdates && mDoManualUpdate)))) { - delay = delay2; - if (delay <= 0) { - doCacheUpdate = true; - mLastCacheUpdate = System.currentTimeMillis(); + if ((mEnableCRLUpdates && mDoManualUpdate) || mDoLastAutoUpdate) { + delay = 0; + } else if (scheduledUpdates) { + delay = findNextUpdate(true, false); + } + + if (mEnableCRLCache && mCacheUpdateInterval > 0) { + delay2 = mLastCacheUpdate + mCacheUpdateInterval - + System.currentTimeMillis(); + if (delay2 < delay || + (!(scheduledUpdates || mDoLastAutoUpdate || + (mEnableCRLUpdates && mDoManualUpdate)))) { + delay = delay2; + if (delay <= 0) { + doCacheUpdate = true; + mLastCacheUpdate = System.currentTimeMillis(); + } } } - } - if (delay > 0) { - try { - wait(delay); - } catch (InterruptedException e) { - } - } else { - try { - if (doCacheUpdate) { - updateCRLCacheRepository(); - } else if (mAutoUpdateInterval > 0 || mDoLastAutoUpdate || mDoManualUpdate) { - updateCRL(); + if (delay > 0) { + try { + wait(delay); + } catch (InterruptedException e) { } - } catch (Exception e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_CRL", - (doCacheUpdate) ? "update CRL cache" : "update CRL", e.toString())); - if (Debug.on()) { - Debug.trace((doCacheUpdate) ? "update CRL cache" : "update CRL" + " error " + e); - Debug.printStackTrace(e); + } else { + try { + if (doCacheUpdate) { + updateCRLCacheRepository(); + } else if (mAutoUpdateInterval > 0 || mDoLastAutoUpdate || mDoManualUpdate) { + updateCRL(); + } + } catch (Exception e) { + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_ISSUING_CRL", + (doCacheUpdate) ? "update CRL cache" : "update CRL", e.toString())); + if (Debug.on()) { + Debug.trace((doCacheUpdate) ? "update CRL cache" : "update CRL" + " error " + e); + Debug.printStackTrace(e); + } + } + // put this here to prevent continuous loop if internal + // db is down. + if (mDoLastAutoUpdate) + mDoLastAutoUpdate = false; + if (mDoManualUpdate) { + mDoManualUpdate = false; + mSignatureAlgorithmForManualUpdate = null; } } - // put this here to prevent continuous loop if internal - // db is down. - if (mDoLastAutoUpdate) - mDoLastAutoUpdate = false; - if (mDoManualUpdate) { - mDoManualUpdate = false; - mSignatureAlgorithmForManualUpdate = null; - } + } catch (EBaseException e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); } } } @@ -1886,8 +1892,9 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { /** * recovers CRL cache + * @throws EBaseException */ - private void recoverCRLCache() { + private void recoverCRLCache() throws EBaseException { if (mEnableCacheRecovery) { // 553815 - original filter was not aligned with any VLV index // String filter = "(&(requeststate=complete)"+ @@ -1926,25 +1933,41 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { if (IRequest.REVOCATION_REQUEST.equals(request.getRequestType())) { RevokedCertImpl revokedCert[] = request.getExtDataInRevokedCertArray(IRequest.CERT_INFO); - for (int j = 0; j < revokedCert.length; j++) { - if (Debug.on()) { - Debug.trace("recoverCRLCache R j=" + j + " length=" + revokedCert.length + + if (revokedCert != null) { + for (int j = 0; j < revokedCert.length; j++) { + if (Debug.on()) { + Debug.trace("recoverCRLCache R j=" + j + " length=" + revokedCert.length + " SerialNumber=0x" + revokedCert[j].getSerialNumber().toString(16)); + } + if (cp != null) + includeCert = cp.checkRevokedCertExtensions(revokedCert[j].getExtensions()); + if (includeCert) { + updateRevokedCert(REVOKED_CERT, revokedCert[j].getSerialNumber(), revokedCert[j]); + } } - if (cp != null) - includeCert = cp.checkRevokedCertExtensions(revokedCert[j].getExtensions()); - if (includeCert) { - updateRevokedCert(REVOKED_CERT, revokedCert[j].getSerialNumber(), revokedCert[j]); + } else { + if (Debug.on()) { + Debug.trace("Revocation Request : Revoked Certificates is a Null or has Invalid Values"); } + log(ILogger.LL_FAILURE, "Revoked Certificates is a Null or has Invalid Values"); + throw new EBaseException("Revocation Request : Revoked Certificates is a Null or has Invalid Values"); } } else if (IRequest.UNREVOCATION_REQUEST.equals(request.getRequestType())) { BigInteger serialNo[] = request.getExtDataInBigIntegerArray(IRequest.OLD_SERIALS); - for (int j = 0; j < serialNo.length; j++) { - if (Debug.on()) { - Debug.trace("recoverCRLCache U j=" + j + " length=" + serialNo.length + + if (serialNo != null) { + for (int j = 0; j < serialNo.length; j++) { + if (Debug.on()) { + Debug.trace("recoverCRLCache U j=" + j + " length=" + serialNo.length + " SerialNumber=0x" + serialNo[j].toString(16)); + } + updateRevokedCert(UNREVOKED_CERT, serialNo[j], null); + } + } else { + if (Debug.on()) { + Debug.trace("Unrevocation Request : Serial Numbers is a Null or has Invalid Values"); } - updateRevokedCert(UNREVOKED_CERT, serialNo[j], null); + log(ILogger.LL_FAILURE, "Unrevocation Request : Serial Numbers is a Null or has Invalid Values"); + throw new EBaseException("Unrevocation Request : Serial Numbers is a Null or has Invalid Values"); } } } diff --git a/base/common/src/UserMessages.properties b/base/common/src/UserMessages.properties index 1c78c98ce..694c31d65 100644 --- a/base/common/src/UserMessages.properties +++ b/base/common/src/UserMessages.properties @@ -50,7 +50,7 @@ CMS_INVALID_OPERATION=Invalid operation # ProcessCertReq servlet # ProcessReq servelt ####################################################### -CMS_BASE_CERT_NOT_FOUND=Certificate not found +CMS_BASE_CERT_NOT_FOUND=Certificate not found or invalid CMS_BASE_ENCODE_CERT_FAILED=Failed to encode certificate CMS_BASE_NOT_TOKEN_CERT=The certificate being deleted is not a token certificate CMS_BASE_CERT_ERROR=Certificate Error: {0} @@ -459,6 +459,7 @@ CMS_DBS_SETBACK_MAXSERIAL=The serial number is already in use.\nYou can only set CMS_DBS_LDIF_FAILED=Failed to create ldif file: {0} CMS_DBS_COPY_LDIF_FAILED=Failed to copy ldif file: {0} CMS_DBS_RECORD_NOT_FOUND=Record not found +CMS_DBS_MISSING_OBJECT_CLASS=Missing Object Class ####################################################### # Jobs # diff --git a/base/common/src/com/netscape/certsrv/util/StatsEvent.java b/base/common/src/com/netscape/certsrv/util/StatsEvent.java index 3ee6e0d30..c431a3908 100644 --- a/base/common/src/com/netscape/certsrv/util/StatsEvent.java +++ b/base/common/src/com/netscape/certsrv/util/StatsEvent.java @@ -18,6 +18,8 @@ package com.netscape.certsrv.util; import java.util.Enumeration; +import java.util.HashMap; +import java.util.Map; import java.util.Vector; /** @@ -34,7 +36,7 @@ public class StatsEvent { private long mTimeTaken = 0; private long mTimeTakenSqSum = 0; private long mNoOfOperations = 0; - private Vector mSubEvents = new Vector(); + private Map mSubEvents = new HashMap(); private StatsEvent mParent = null; public StatsEvent(StatsEvent parent) { @@ -53,7 +55,7 @@ public class StatsEvent { } public void addSubEvent(StatsEvent st) { - mSubEvents.addElement(st); + mSubEvents.put(st.getName(), st); } /** @@ -61,10 +63,8 @@ public class StatsEvent { */ public Enumeration getSubEventNames() { Vector names = new Vector(); - Enumeration e = mSubEvents.elements(); - while (e.hasMoreElements()) { - StatsEvent st = e.nextElement(); - names.addElement(st.getName()); + for (String s : mSubEvents.keySet()) { + names.add(s); } return names.elements(); } @@ -73,14 +73,7 @@ public class StatsEvent { * Retrieves a sub transaction. */ public StatsEvent getSubEvent(String name) { - Enumeration e = mSubEvents.elements(); - while (e.hasMoreElements()) { - StatsEvent st = e.nextElement(); - if (st.getName().equals(name)) { - return st; - } - } - return null; + return mSubEvents.get(name); } public void resetCounters() { @@ -89,11 +82,10 @@ public class StatsEvent { mNoOfOperations = 0; mTimeTaken = 0; mTimeTakenSqSum = 0; - Enumeration e = getSubEventNames(); - while (e.hasMoreElements()) { - String n = e.nextElement(); - StatsEvent c = getSubEvent(n); - c.resetCounters(); + for (StatsEvent c : mSubEvents.values()) { + if (c != null) { + c.resetCounters(); + } } } diff --git a/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java b/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java index 4ad6db528..2c092f91c 100644 --- a/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java +++ b/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java @@ -421,8 +421,8 @@ public class AuthzSubsystem implements IAuthzSubsystem { //String infoMsg = // "Shutting down authz manager instance " + mgr.getName(); //log(ILogger.LL_INFO, infoMsg); - - mgr.shutdown(); + if (mgr != null) + mgr.shutdown(); } mAuthzMgrPlugins.clear(); mAuthzMgrInsts.clear(); diff --git a/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java b/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java index 1aa53d9e4..dd7918bd5 100644 --- a/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java +++ b/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java @@ -454,10 +454,16 @@ public class CrossCertPairSubsystem implements ICrossCertPairSubsystem { } protected LDAPConnection getConn() throws ELdapException { - if (mLdapConnFactory != null) - return mLdapConnFactory.getConn(); + if (mLdapConnFactory != null) { + LDAPConnection conn = mLdapConnFactory.getConn(); + if (conn == null) { + throw new ELdapException("No Ldap Connection Available"); + } else { + return conn; + } + } - return null; + throw new ELdapException("Ldap Connection Factory is null"); } protected void returnConn(LDAPConnection conn) throws ELdapException { diff --git a/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java b/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java index ddf23378a..4b35662fa 100644 --- a/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java +++ b/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java @@ -73,11 +73,10 @@ public class HttpPKIMessage implements IHttpPKIMessage { + r.getRequestId().toString() + " requestStatus=" + reqStatus + " instance=" + r); String attrs[] = RequestTransfer.getTransferAttributes(r); - int len = attrs.length; String[] names = attrs; Object value = null; - for (int i = 0; i < len; i++) { + for (int i = 0; i < attrs.length; i++) { String key = names[i]; if (r.isSimpleExtDataValue(key)) { value = r.getExtDataInString(key); diff --git a/base/common/src/com/netscape/cmscore/connector/RequestTransfer.java b/base/common/src/com/netscape/cmscore/connector/RequestTransfer.java index baf076422..b3479aea0 100644 --- a/base/common/src/com/netscape/cmscore/connector/RequestTransfer.java +++ b/base/common/src/com/netscape/cmscore/connector/RequestTransfer.java @@ -91,12 +91,7 @@ public class RequestTransfer { v.addElement(k); } CMS.debug("RequestTransfer: attribute size=" + v.size()); - if (v.size() == 0) - return null; - String attrs[] = new String[v.size()]; - - v.copyInto(attrs); - return attrs; + return v.toArray(new String[v.size()]); } else { return transferAttributes; } diff --git a/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java b/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java index 63b00b6bf..2b6a63a62 100644 --- a/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java +++ b/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java @@ -457,25 +457,20 @@ public class DBRegistry implements IDBRegistry, ISubsystem { * Creates object from attribute set. */ public IDBObj createObject(LDAPAttributeSet attrs) - throws EBaseException { + throws EDBException { // map object class attribute to object LDAPAttribute attr = attrs.getAttribute("objectclass"); + if (attr == null) { + throw new EDBException(CMS.getLogMessage("CMS_DBS_MISSING_OBJECT_CLASS")); + } //CMS.debug("createObject: attrs " + attrs.toString()); attrs.remove("objectclass"); // sort the object class values - @SuppressWarnings("unchecked") - Enumeration vals = attr.getStringValues(); - Vector v = new Vector(); - - while (vals.hasMoreElements()) { - v.addElement(vals.nextElement()); - } - String s[] = new String[v.size()]; - v.copyInto(s); + String[] s = attr.getStringValueArray(); String sorted = sortAndConcate(s).toLowerCase(); NameAndObject no = mOCldapNames.get(sorted); diff --git a/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java b/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java index b0505c16b..71f889895 100644 --- a/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java +++ b/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java @@ -274,7 +274,7 @@ class PredicateTokenizer { return (currentIndex != -1); } - public String nextToken() { + public String nextToken() throws ELdapException { if (nextToken != null) { String toReturn = nextToken; @@ -322,8 +322,9 @@ class PredicateTokenizer { } } else { // Cannot happen; Assert here. - toReturn = null; - System.out.println("We shouldn't be here!"); + if (Debug.ON) + Debug.trace("Malformed expression: Null Token"); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_BAD_LDAP_EXPRESSION")); } if (toReturn == null) return null; diff --git a/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java b/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java index 62e4b8bef..ab99b4f06 100644 --- a/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java +++ b/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java @@ -493,7 +493,7 @@ public class PublisherProcessor implements //this is the only rule we support now LdapRule rule = (LdapRule) (mRuleInsts.get(name)); - if (rule.enabled() && rule.getType().equals(publishingType)) { + if (rule.enabled() && publishingType.equals(rule.getType())) { // check if the predicate match ILdapExpression exp = rule.getPredicate(); @@ -509,6 +509,7 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("added rule " + name + " for " + publishingType); } + } return rules.elements(); } @@ -519,24 +520,13 @@ public class PublisherProcessor implements } Vector rules = new Vector(); - Enumeration e = mRuleInsts.keys(); + Enumeration e = mRuleInsts.elements(); while (e.hasMoreElements()) { - String name = e.nextElement(); - - if (name == null) { - if (Debug.ON) - Debug.trace("rule name is " + "null"); - return null; - } else { - if (Debug.ON) - Debug.trace("rule name is " + name); - } - //this is the only rule we support now - LdapRule rule = (LdapRule) (mRuleInsts.get(name)); + LdapRule rule = (LdapRule) e.nextElement(); - if (rule.enabled() && rule.getType().equals(publishingType)) { + if (rule.enabled() && publishingType.equals(rule.getType())) { // check if the predicate match ILdapExpression exp = rule.getPredicate(); @@ -549,9 +539,10 @@ public class PublisherProcessor implements rules.addElement(rule); if (Debug.ON) - Debug.trace("added rule " + name + " for " + publishingType + + Debug.trace("added rule " + rule.getInstanceName() + " for " + publishingType + " request: " + req.getRequestId()); } + } return rules.elements(); } diff --git a/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java b/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java index 9607cf892..82b515846 100644 --- a/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java +++ b/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java @@ -204,6 +204,10 @@ public class LogSubsystem implements ILogSubsystem { try { return cs.getString("pluginName", ""); } catch (EBaseException e) { + e.printStackTrace(); + return ""; + } catch (NullPointerException e) { + e.printStackTrace(); return ""; } } diff --git a/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java b/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java index f6c01b041..579d9ff5b 100644 --- a/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java +++ b/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java @@ -75,6 +75,7 @@ public class PolicyPredicateParser { Debug.trace("Malformed expression: " + predicateExpression); throw new EPolicyException(CMS.getUserMessage("CMS_POLICY_BAD_POLICY_EXPRESSION", predicateExpression)); } + IExpression current = parseExpression(token); boolean malformed = false; Vector expSet = new Vector(); @@ -276,7 +277,7 @@ class PredicateTokenizer { return (currentIndex != -1); } - public String nextToken() { + public String nextToken() throws EPolicyException { if (nextToken != null) { String toReturn = nextToken; @@ -324,8 +325,9 @@ class PredicateTokenizer { } } else { // Cannot happen; Assert here. - toReturn = null; - System.out.println("We shouldn't be here!"); + if (Debug.ON) + Debug.trace("Malformed Predicate Expression : No Tokens"); + throw new EPolicyException("Malformed Predicate Expression : No Tokens"); } if (toReturn == null) return null; diff --git a/base/common/src/com/netscape/cmscore/security/CertificateInfo.java b/base/common/src/com/netscape/cmscore/security/CertificateInfo.java index 914803223..040abc3c2 100644 --- a/base/common/src/com/netscape/cmscore/security/CertificateInfo.java +++ b/base/common/src/com/netscape/cmscore/security/CertificateInfo.java @@ -189,6 +189,9 @@ public abstract class CertificateInfo { String hashtype = (String) mProperties.get(ConfigConstants.PR_HASH_TYPE); algm = KeyCertUtil.getSigningAlgorithm(getKeyAlgorithm(), hashtype); + if (algm == null) { + throw new NoSuchAlgorithmException(); + } mProperties.put(Constants.PR_SIGNATURE_ALGORITHM, algm); } diff --git a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java index 192f2f483..95e213541 100644 --- a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java +++ b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java @@ -1680,9 +1680,16 @@ public final class UGSubsystem implements IUGSubsystem { } protected LDAPConnection getConn() throws ELdapException { - if (mLdapConnFactory == null) - return null; - return mLdapConnFactory.getConn(); + if (mLdapConnFactory != null) { + LDAPConnection conn = mLdapConnFactory.getConn(); + if (conn == null) { + throw new ELdapException("No Ldap Connection Available"); + } else { + return conn; + } + } + + throw new ELdapException("Ldap Connection Factory is Unavailable"); } protected void returnConn(LDAPConnection conn) { diff --git a/base/kra/src/com/netscape/kra/EnrollmentService.java b/base/kra/src/com/netscape/kra/EnrollmentService.java index c881decdf..666619cdb 100644 --- a/base/kra/src/com/netscape/kra/EnrollmentService.java +++ b/base/kra/src/com/netscape/kra/EnrollmentService.java @@ -734,7 +734,9 @@ public class EnrollmentService implements IService { X509CertInfo certInfo[] = request.getExtDataInCertInfoArray(IRequest.CERT_INFO); CertificateX509Key pX509Key = null; - + if (certInfo == null) { + throw new EBaseException(CMS.getLogMessage("CMS_BASE_CERT_NOT_FOUND")); + } try { pX509Key = (CertificateX509Key) certInfo[i].get(X509CertInfo.KEY); @@ -785,6 +787,9 @@ public class EnrollmentService implements IService { X509CertInfo certInfo[] = request.getExtDataInCertInfoArray(IRequest.CERT_INFO); + if (certInfo == null) { + throw new EBaseException(CMS.getLogMessage("CMS_BASE_CERT_NOT_FOUND")); + } CertificateSubjectName pSub = null; try { diff --git a/base/util/src/com/netscape/cmsutil/http/HttpMessage.java b/base/util/src/com/netscape/cmsutil/http/HttpMessage.java index 398f38400..44f608900 100644 --- a/base/util/src/com/netscape/cmsutil/http/HttpMessage.java +++ b/base/util/src/com/netscape/cmsutil/http/HttpMessage.java @@ -119,9 +119,9 @@ public class HttpMessage { throws IOException { String line = reader.readLine(); - // if (line == null) { - // throw new HttpEofException("End of stream reached"); - // } + if (line == null) { + throw new HttpEofException("End of stream reached"); + } if (line.equals("")) { throw new HttpProtocolException("Bad Http req/resp line " + line); } diff --git a/base/util/src/netscape/security/util/PrettyPrintFormat.java b/base/util/src/netscape/security/util/PrettyPrintFormat.java index 4bbc87936..30ae33b10 100644 --- a/base/util/src/netscape/security/util/PrettyPrintFormat.java +++ b/base/util/src/netscape/security/util/PrettyPrintFormat.java @@ -102,6 +102,9 @@ public class PrettyPrintFormat { public String toHexString(byte[] in, int indentSize, int lineLen, String separator) { + if (in == null) { + return ""; + } StringBuffer sb = new StringBuffer(); int hexCount = 0; char c[]; diff --git a/base/util/src/netscape/security/x509/KeyUsageExtension.java b/base/util/src/netscape/security/x509/KeyUsageExtension.java index 15bf29b83..8cbfc880a 100644 --- a/base/util/src/netscape/security/x509/KeyUsageExtension.java +++ b/base/util/src/netscape/security/x509/KeyUsageExtension.java @@ -210,7 +210,12 @@ public class KeyUsageExtension extends Extension } this.extensionValue = extValue; DerValue val = new DerValue(extValue); - this.bitString = val.getUnalignedBitString().toBooleanArray(); + BitArray bitArray = val.getUnalignedBitString(); + if (bitArray == null) { + throw new IOException("Invalid bit string"); + } + this.bitString = bitArray.toBooleanArray(); + } /** -- cgit