From d5d0b91bc5597eec19520cee74569e9ddacc2090 Mon Sep 17 00:00:00 2001 From: Abhishek Koneru Date: Fri, 15 Jun 2012 10:28:40 -0400 Subject: Fixes for Coverity Issues of type Null Returns - Part 3 --- .../com/netscape/certsrv/usrgrp/IUGSubsystem.java | 6 ++-- .../netscape/cmscore/profile/ProfileSubsystem.java | 2 +- .../com/netscape/cmscore/security/KeyCertUtil.java | 7 ++-- .../com/netscape/cmscore/usrgrp/UGSubsystem.java | 40 ++++++++++++++++------ .../com/netscape/cmscore/request/RequestTest.java | 18 ++++++---- base/kra/src/com/netscape/kra/RecoveryService.java | 6 ++++ 6 files changed, 57 insertions(+), 22 deletions(-) (limited to 'base') diff --git a/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java b/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java index c101187c4..bbd051324 100644 --- a/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java +++ b/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java @@ -120,16 +120,18 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp { * * @param filter the search filter * @return a list of groups that match the given search filter + * @throws EUsrGrpException */ - public Enumeration findGroups(String filter); + public Enumeration findGroups(String filter) throws EUsrGrpException; /** * Find a group for the given name * * @param name the given name * @return a group that matched the given name + * @throws EUsrGrpException */ - public IGroup findGroup(String name); + public IGroup findGroup(String name) throws EUsrGrpException; /** * List groups. This method is more efficient than findGroups because diff --git a/base/common/src/com/netscape/cmscore/profile/ProfileSubsystem.java b/base/common/src/com/netscape/cmscore/profile/ProfileSubsystem.java index 7da1cc332..45807d6e9 100644 --- a/base/common/src/com/netscape/cmscore/profile/ProfileSubsystem.java +++ b/base/common/src/com/netscape/cmscore/profile/ProfileSubsystem.java @@ -97,7 +97,7 @@ public class ProfileSubsystem implements IProfileSubsystem { String classid = subStore.getString(PROP_CLASS_ID); IPluginInfo info = registry.getPluginInfo("profile", classid); if (info == null) { - throw new EBaseException("No plugins for type : profile with id " + classid); + throw new EBaseException("No plugins for type : profile, with id " + classid); } String configPath = subStore.getString(PROP_CONFIG); diff --git a/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java b/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java index 844052e4b..80ad36c2d 100644 --- a/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java +++ b/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java @@ -1056,8 +1056,11 @@ public class KeyCertUtil { String dn = "ou=certificateRepository,ou=ca," + baseDN; BigInteger serialno = null; LDAPEntry entry = conn.read(dn); - String serialnoStr = (String) entry.getAttribute( - "serialno").getStringValues().nextElement(); + LDAPAttribute serialNo = entry.getAttribute("serialno"); + if (serialNo == null) { + throw new LDAPException("No value for attribute serial number in LDAP entry " + entry.getDN()); + } + String serialnoStr = (String) serialNo.getStringValues().nextElement(); serialno = BigIntegerMapper.BigIntegerFromDB(serialnoStr); LDAPAttribute attr = new LDAPAttribute("serialno"); diff --git a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java index 95e213541..20ad26524 100644 --- a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java +++ b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java @@ -416,8 +416,11 @@ public final class UGSubsystem implements IUGSubsystem { * @return the User entity. */ protected IUser lbuildUser(LDAPEntry entry) throws EUsrGrpException { - IUser id = createUser(this, (String) - entry.getAttribute("uid").getStringValues().nextElement()); + LDAPAttribute uid = entry.getAttribute("uid"); + if (uid == null) { + throw new EUsrGrpException("No Attribute UID in LDAP Entry " + entry.getDN()); + } + IUser id = createUser(this, (String) uid.getStringValues().nextElement()); LDAPAttribute cnAttr = entry.getAttribute("cn"); if (cnAttr != null) { @@ -472,8 +475,11 @@ public final class UGSubsystem implements IUGSubsystem { * @return the User entity. */ protected IUser buildUser(LDAPEntry entry) throws EUsrGrpException { - IUser id = createUser(this, (String) - entry.getAttribute("uid").getStringValues().nextElement()); + LDAPAttribute uid = entry.getAttribute("uid"); + if (uid == null) { + throw new EUsrGrpException("No Attribute UID in LDAP Entry " + entry.getDN()); + } + IUser id = createUser(this, (String) uid.getStringValues().nextElement()); LDAPAttribute cnAttr = entry.getAttribute("cn"); if (cnAttr != null) { @@ -1119,7 +1125,7 @@ public final class UGSubsystem implements IUGSubsystem { } } - protected Enumeration buildGroups(LDAPSearchResults res) { + protected Enumeration buildGroups(LDAPSearchResults res) throws EUsrGrpException { Vector v = new Vector(); while (res.hasMoreElements()) { @@ -1132,8 +1138,9 @@ public final class UGSubsystem implements IUGSubsystem { /** * Finds groups. + * @throws EUsrGrpException */ - public Enumeration findGroups(String filter) { + public Enumeration findGroups(String filter) throws EUsrGrpException { if (filter == null) { return null; } @@ -1160,7 +1167,7 @@ public final class UGSubsystem implements IUGSubsystem { } } - public IGroup findGroup(String filter) { + public IGroup findGroup(String filter) throws EUsrGrpException { Enumeration groups = findGroups(filter); if (groups == null || !groups.hasMoreElements()) @@ -1205,9 +1212,14 @@ public final class UGSubsystem implements IUGSubsystem { /** * builds an instance of a Group entry + * @throws EUsrGrpException */ - protected IGroup buildGroup(LDAPEntry entry) { - String groupName = (String) entry.getAttribute("cn").getStringValues().nextElement(); + protected IGroup buildGroup(LDAPEntry entry) throws EUsrGrpException { + LDAPAttribute cn = entry.getAttribute("cn"); + if (cn == null) { + throw new EUsrGrpException("Cannot build group. No Attribute cn in LDAP Entry " + entry.getDN()); + } + String groupName = (String) cn.getStringValues().nextElement(); IGroup grp = createGroup(this, groupName); LDAPAttribute grpDesc = entry.getAttribute("description"); @@ -1357,7 +1369,9 @@ public final class UGSubsystem implements IUGSubsystem { public boolean isMemberOf(String userid, String groupname) { try { IUser user = getUser(userid); - return isMemberOfLdapGroup(user.getUserDN(), groupname); + if (user != null) { + return isMemberOfLdapGroup(user.getUserDN(), groupname); + } } catch (Exception e) { /* do nothing */ } @@ -1630,6 +1644,12 @@ public final class UGSubsystem implements IUGSubsystem { protected boolean isMatched(String dn1, String dn2) { String rdn1[] = LDAPDN.explodeDN(dn1, false); String rdn2[] = LDAPDN.explodeDN(dn2, false); + if (rdn1 == null && rdn2 == null) { + return true; + } + if (rdn1 == null || rdn2 == null) { + return false; + } if (rdn1.length == rdn2.length) { for (int j = 0; j < rdn1.length; j++) { diff --git a/base/common/test/com/netscape/cmscore/request/RequestTest.java b/base/common/test/com/netscape/cmscore/request/RequestTest.java index 7a655fd08..1de96a203 100644 --- a/base/common/test/com/netscape/cmscore/request/RequestTest.java +++ b/base/common/test/com/netscape/cmscore/request/RequestTest.java @@ -1,6 +1,5 @@ package com.netscape.cmscore.request; -import java.io.IOException; import java.math.BigInteger; import java.security.cert.CRLException; import java.security.cert.CertificateEncodingException; @@ -237,7 +236,7 @@ public class RequestTest extends CMSBaseTestCase { assertFalse(request.setExtData("key", (Integer) null)); } - public void testGetSetExtDataIntegerArray() { + public void testGetSetExtDataIntegerArray() throws Exception { Integer[] data = new Integer[] { Integer.valueOf(5), Integer.valueOf(23), @@ -245,6 +244,7 @@ public class RequestTest extends CMSBaseTestCase { }; assertTrue(request.setExtData("topkey1", data)); Integer[] retval = request.getExtDataInIntegerArray("topkey1"); + assertNotNull(retval); assertEquals(3, retval.length); assertEquals(data[0], retval[0]); assertEquals(data[1], retval[1]); @@ -276,7 +276,7 @@ public class RequestTest extends CMSBaseTestCase { assertFalse(request.setExtData("key", (BigInteger) null)); } - public void testGetSetExtDataBigIntegerArray() { + public void testGetSetExtDataBigIntegerArray() throws Exception { BigInteger[] data = new BigInteger[] { new BigInteger("111111111"), new BigInteger("222222222"), @@ -284,6 +284,7 @@ public class RequestTest extends CMSBaseTestCase { }; assertTrue(request.setExtData("topkey1", data)); BigInteger[] retval = request.getExtDataInBigIntegerArray("topkey1"); + assertNotNull(retval); assertEquals(3, retval.length); assertEquals(data[0], retval[0]); assertEquals(data[1], retval[1]); @@ -340,7 +341,7 @@ public class RequestTest extends CMSBaseTestCase { assertFalse(request.setExtData("key", (X509CertImpl) null)); } - public void testGetSetCertArray() throws CertificateException { + public void testGetSetCertArray() throws Exception { // this test is also pretty weak, but fortunately relies on the // building blocks. X509CertImpl[] vals = new X509CertImpl[] { @@ -354,6 +355,7 @@ public class RequestTest extends CMSBaseTestCase { assertFalse(cmsStub.aToBCalled); X509CertImpl[] retval = request.getExtDataInCertArray("key"); + assertNotNull(retval); assertTrue(cmsStub.aToBCalled); assertEquals(2, retval.length); @@ -363,7 +365,7 @@ public class RequestTest extends CMSBaseTestCase { assertFalse(request.setExtData("key", (X509CertImpl[]) null)); } - public void testGetSetStringArray() { + public void testGetSetStringArray() throws Exception { String[] value = new String[] { "blue", "green", "red", "orange" }; assertTrue(request.setExtData("key", value)); @@ -380,6 +382,7 @@ public class RequestTest extends CMSBaseTestCase { assertEquals("orange", hashValue.get("3")); String[] retval = request.getExtDataInStringArray("key"); + assertNotNull(retval); assertEquals(4, retval.length); assertEquals("blue", retval[0]); assertEquals("green", retval[1]); @@ -394,6 +397,7 @@ public class RequestTest extends CMSBaseTestCase { request.setExtData("kevin", hashValue); retval = request.getExtDataInStringArray("kevin"); + assertNotNull(retval); assertEquals(7, retval.length); assertEquals("square", retval[0]); assertNull(retval[1]); @@ -536,7 +540,7 @@ public class RequestTest extends CMSBaseTestCase { assertFalse(request.setExtData("key", (RevokedCertImpl[]) null)); } - public void testGetSetCertExts() throws IOException { + public void testGetSetCertExts() throws Exception { CertificateExtensions exts = new CertificateExtensions(); BasicConstraintsExtension ext = new BasicConstraintsExtension(false, 1); @@ -557,7 +561,7 @@ public class RequestTest extends CMSBaseTestCase { assertFalse(request.setExtData("key", (CertificateExtensions) null)); } - public void testGetSetCertSubjectName() throws IOException { + public void testGetSetCertSubjectName() throws Exception { CertificateSubjectName name = new CertificateSubjectName( new X500Name("cn=kevin")); assertTrue(request.setExtData("key", name)); diff --git a/base/kra/src/com/netscape/kra/RecoveryService.java b/base/kra/src/com/netscape/kra/RecoveryService.java index 19d6b5157..1b5781ca0 100644 --- a/base/kra/src/com/netscape/kra/RecoveryService.java +++ b/base/kra/src/com/netscape/kra/RecoveryService.java @@ -450,6 +450,9 @@ public class RecoveryService implements IService { // create p12 X509Certificate x509cert = request.getExtDataInCert(ATTR_USER_CERT); + if (x509cert == null) { + throw new EKRAException(CMS.getUserMessage("CMS_KRA_PKCS12_FAILED_1","Missing Certificate")); + } String pwd = (String) params.get(ATTR_TRANSPORT_PWD); // add certificate @@ -587,6 +590,9 @@ public class RecoveryService implements IService { // create p12 X509Certificate x509cert = request.getExtDataInCert(ATTR_USER_CERT); + if (x509cert == null) { + throw new EKRAException(CMS.getUserMessage("CMS_KRA_PKCS12_FAILED_1","Missing Certificate")); + } String pwd = (String) params.get(ATTR_TRANSPORT_PWD); // add certificate -- cgit