-
Bug
-
Resolution: Done
-
Critical
-
7.1.0.DR8
Coverity static-analysis scan found possible use of null object in LdapKeyStore constructor.
https://scan7.coverity.com/reports.htm#v16159/p11778/fileInstanceId=5760194&defectInstanceId=1541374&mergedDefectId=1369294
The LdapKeyStore.Builder.build() method constructs the LdapKeyStore instance this way:
return new LdapKeyStore(spi, null, null);
and the constructor just calls parent ctor:
protected LdapKeyStore(KeyStoreSpi keyStoreSpi, Provider provider, String type) { super(keyStoreSpi, provider, type); }
And it fails with NPE if debug for KeyStore is enabled as the constructor contains:
if (!skipDebug && pdebug != null) { pdebug.println("KeyStore." + type.toUpperCase() + " type from: " + this.provider.getName()); }
- is cloned by
-
ELY-751 Coverity static analysis: Explicit null dereferenced in LdapKeyStore (Elytron)
- Resolved