JDK-8019267

NPE in AbstractSaslImpl when trace level >= FINER in KRB5

Details

    • b100
    • windows_7
    • Verified

      Description

        FULL PRODUCT VERSION :
        Java 7 (and tested on Java 6, same error)

        ADDITIONAL OS VERSION INFORMATION :
        Windows 7 x64

        A DESCRIPTION OF THE PROBLEM :
        NPE when tracing Kerberos authentication with LDAP and logger.Level >= FINER
        because the value being passed to the trace is null and "output.length" is
        evaluated unchecked, making detailed SASL analysis impossible.

        Proposed solution: Add check to parameter => (output==null?0:output.length)


        Error in:

        Class: com.sun.security.sasl.util.AbstractSaslImpl
        Method: traceOutput(String srcClass, String srcMethod, String traceTag, byte[] output)
        line # 259

        > Null untested when passing output.length

        Called from:
        Class: com.sun.security.sasl.gsskerb.GssKrb5Client
        Method: evaluateChallenge(byte[] challengeData)
        lines # 198 - 199

        > gssOutToken is null after initial initSecContext @ line 196

        STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
        Try tracing LDAP SASL with Kerberos with default ".level.FINER"

        EXPECTED VERSUS ACTUAL BEHAVIOR :
        EXPECTED -
        LDAP Result
        ACTUAL -
        NullPointerException from attempted trace output

        REPRODUCIBILITY :
        This bug can be reproduced always.

        CUSTOMER SUBMITTED WORKAROUND :
        Don't trace the package at FINER and above.
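
The failure pattern described in this report, as an added example that is not part of the original report and is not the JDK's own code: a trace helper that reads `output.length` only when FINER logging is enabled, next to the null-checked form the reporter proposes. The class name, logger name, tag and method names are hypothetical, and the `isLoggable` guard is an assumption made so the level dependence is visible.

```java
import java.util.logging.ConsoleHandler;
import java.util.logging.Level;
import java.util.logging.Logger;

public class TraceNullDemo {
    // Hypothetical logger name, used only for this demonstration.
    private static final Logger LOG = Logger.getLogger("demo.sasl.trace");

    // Pattern from the report: the array is dereferenced without a null test,
    // and only on the branch taken when FINER tracing is switched on.
    static void traceOutputUnchecked(String tag, byte[] output) {
        if (LOG.isLoggable(Level.FINER)) {
            LOG.finer(tag + " [len=" + output.length + "]");
        }
    }

    // Check proposed in the report: (output == null ? 0 : output.length)
    static void traceOutputChecked(String tag, byte[] output) {
        if (LOG.isLoggable(Level.FINER)) {
            int len = (output == null) ? 0 : output.length;
            LOG.finer(tag + " [len=" + len + "]");
        }
    }

    public static void main(String[] args) {
        ConsoleHandler handler = new ConsoleHandler();
        handler.setLevel(Level.FINER);      // let FINER records reach the console
        LOG.addHandler(handler);
        LOG.setUseParentHandlers(false);

        byte[] token = null; // constructed input standing in for a null output token

        LOG.setLevel(Level.INFO);
        traceOutputUnchecked("demo-tag", token); // trace branch skipped, no failure
        System.out.println("INFO: unchecked trace did not fail");

        LOG.setLevel(Level.FINER);
        try {
            traceOutputUnchecked("demo-tag", token);
        } catch (NullPointerException e) {
            System.out.println("FINER: unchecked trace threw NullPointerException");
        }
        traceOutputChecked("demo-tag", token);   // logs "demo-tag [len=0]"
        System.out.println("FINER: checked trace completed");
    }
}
```

Running authentication tests once with tracing enabled at FINER exercises this branch, which a default-level test run never reaches.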

              People

                weijun Weijun Wang
                webbuggrp Webbug Group