Details
-
Bug
-
Resolution: Done
-
Major
-
None
-
None
-
None
Description
Coverity static-analysis scan found possible use of null object in IdentityCredentials.contains(Class) method.
https://scan7.coverity.com/reports.htm#v16159/p11778/fileInstanceId=5862869&defectInstanceId=1561289&mergedDefectId=1377460
The method returns
return contains(credentialType, null);
If the virtual call resolves to type CredentailNode, then the contains() call may result in NPE, because the null is used as algorthmName in:
return credentialType.isInstance(credential) && algorithmName.equals(((AlgorithmCredential) credential).getAlgorithm());
Attachments
Issue Links
- clones
-
JBEAP-7258 Coverity static analysis: Explicit null dereferenced in IdentityCredentials (Elytron)
- Verified
- is incorporated by
-
ELY-753 Coverity static analysis: Explicit null dereferenced in SetCredentialsConfiguration (Elytron)
- Resolved