search

funcool / buddy-hashers

Collection of password hashers.
https://funcool.github.io/buddy-hashers/latest/
Apache License 2.0
75 stars 16 forks source link

NullPointerException on malformatted hash string #12

Closed Rovanion closed 7 years ago

Rovanion commented 8 years ago

I'd like to preface this text with that I'm quite new to Clojure the world of functional programming and that it might just be that I'm not as good at comprehending the errors I'm thrown as I should be.

But I was writing some code along the lines of:

(hashers/check "bcrypt+sha512$somehash" "plaintext password")

Calling the above threw the following stack trace at me:

1. Unhandled java.lang.NullPointerException
   (No message)

                codecs.clj:   45  buddy.core.codecs/hex->bytes
                codecs.clj:   42  buddy.core.codecs/hex->bytes
               hashers.clj:  285  buddy.hashers/eval32988/fn
              MultiFn.java:  229  clojure.lang.MultiFn/invoke
               hashers.clj:  340  buddy.hashers/check
               hashers.clj:  333  buddy.hashers/check
               hashers.clj:  337  buddy.hashers/check
               hashers.clj:  333  buddy.hashers/check
                      REPL:   31  webrtclojure.accounts/eval33270
                      REPL:   31  webrtclojure.accounts/eval33270
             Compiler.java: 6927  clojure.lang.Compiler/eval
             Compiler.java: 6890  clojure.lang.Compiler/eval
                  core.clj: 3105  clojure.core/eval
                  core.clj: 3101  clojure.core/eval
                  main.clj:  240  clojure.main/repl/read-eval-print/fn
                  main.clj:  240  clojure.main/repl/read-eval-print
                  main.clj:  258  clojure.main/repl/fn
                  main.clj:  258  clojure.main/repl
                  main.clj:  174  clojure.main/repl
               RestFn.java: 1523  clojure.lang.RestFn/invoke
    interruptible_eval.clj:   87  clojure.tools.nrepl.middleware.interruptible-eval/evaluate/fn
                  AFn.java:  152  clojure.lang.AFn/applyToHelper
                  AFn.java:  144  clojure.lang.AFn/applyTo
                  core.clj:  646  clojure.core/apply
                  core.clj: 1881  clojure.core/with-bindings*
                  core.clj: 1881  clojure.core/with-bindings*
               RestFn.java:  425  clojure.lang.RestFn/invoke
    interruptible_eval.clj:   85  clojure.tools.nrepl.middleware.interruptible-eval/evaluate
    interruptible_eval.clj:   55  clojure.tools.nrepl.middleware.interruptible-eval/evaluate
    interruptible_eval.clj:  222  clojure.tools.nrepl.middleware.interruptible-eval/interruptible-eval/fn/fn
    interruptible_eval.clj:  190  clojure.tools.nrepl.middleware.interruptible-eval/run-next/fn
                  AFn.java:   22  clojure.lang.AFn/run
   ThreadPoolExecutor.java: 1142  java.util.concurrent.ThreadPoolExecutor/runWorker
   ThreadPoolExecutor.java:  617  java.util.concurrent.ThreadPoolExecutor$Worker/run
               Thread.java:  745  java.lang.Thread/run

Which I found hard to interpret. I double checked and yes I did pass in both the plaintext password and the hash, why am I getting a NullPointerException thrown at me? None of them are nil and null belongs to the Java world.

As both you and I now know the error was because I had passed in the arguments in the wrong order. That is of course easy to fix on my end. The reason I bring this up is that perhaps this could be signalled better, perhaps there should be a nil check at some point in the hashers code where the substrings representing hash type is picked out?

Again I ask for forgiveness if this a wierd thing to request in the Clojure world, and wish you a fine evening my dear reader.

niwinz commented 8 years ago

Hmm, seems like a bug, tha NPE should not be happening. Thanks for report.