Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8019267

NPE in AbstractSaslImpl when trace level >= FINER in KRB5

    Details

    • Subcomponent:
    • Resolved In Build:
      b100
    • OS:
      windows_7
    • Verification:
      Verified

      Backports

        Description

        FULL PRODUCT VERSION :
        Java 7 (and tested on Java 6, same error)

        ADDITIONAL OS VERSION INFORMATION :
        Windows 7 x64

        A DESCRIPTION OF THE PROBLEM :
        NPE when tracing Kerberos authentication with LDAP and logger.Level >= FINER
        because the value being passed to the trace is null and " output.length " is
        evaluated unchecked, making detailed SASL analysis impossible.

        Proposed solution: Add check to parameter => (output==null?0:output.length)


        Error in:

        Class: com.sun.security.sasl.util.AbstractSaslImpl
        Method: traceOutput(String srcClass, String srcMethod, String traceTag, byte[]
        output)
        line # 259

        > Null untested when passing output.length

        Called from:
        Class: com.sun.security.sasl.gsskerb.GssKrb5Client
        Method: evaluateChallenge(byte[] challengeData)
        lines # 198 - 199

        > gssOutToken is null after initial initSecContext @ line 196

        STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
        Try tracing LDAP SASL with Kerberos with default " .level.FINER "

        EXPECTED VERSUS ACTUAL BEHAVIOR :
        EXPECTED -
        LDAP Result
        ACTUAL -
        NullPointerException from attempted trace output

        REPRODUCIBILITY :
        This bug can be reproduced always.

        CUSTOMER SUBMITTED WORKAROUND :
        Don't trace the package at FINER and above.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  weijun Weijun Wang
                  Reporter:
                  webbuggrp Webbug Group
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: