latch101 / seek-for-android

Automatically exported from code.google.com/p/seek-for-android
0 stars 0 forks source link

Possible null pointer in AccessController.java #51

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What's the problem?
I'm not set up as conmmiter, but when I look through code I found a possible 
problem?

From patch-file for 2.4.0:
+    public void checkCommand(IChannel channel, byte[] command) {
+
+        ChannelAccess ca = channel.getChannelAccess();
+        String reason = ca.getReason();
+        if (reason.length() == 0) {
+            reason = "Command not allowed!";
+        }
+        if (ca == null) {
+
+            throw new AccessControlException(ARA_ENFORCER + "Channel access 
not set");
+        }
+        if (ca.isNoAccess()) {
+
+            throw new AccessControlException(ARA_ENFORCER + reason);
+        }

What steps will reproduce the problem?

If ca is null we do ca.getReason() before doing the if (ca == null).
If this case can occur this blocks should switch places. If it cannot occur we 
should no check for null?

What is the expected output? What do you see instead?
If in current code crash if called when ca is not present.

What version of the product are you using? On what operating system?
N/A

Please provide any additional information below.

Feel free to contact me.

Original issue reported on code.google.com by mats.ake...@gmail.com on 22 Feb 2013 at 9:29

GoogleCodeExporter commented 9 years ago
This issue was also recognized in the current developer version and is already 
fixed.

ca will now checked before any method is accessed.

    public synchronized void checkCommand(IChannel channel, byte[] command) {

        ChannelAccess ca = channel.getChannelAccess();
        if (ca == null) {
            throw new AccessControlException(ACCESS_CONTROL_ENFORCER + "Channel access not set");
        }

        String reason = ca.getReason();
        if (reason.length() == 0) {
            reason = "Command not allowed!";
        }

Original comment by schus...@gmail.com on 18 Mar 2013 at 2:46

GoogleCodeExporter commented 9 years ago
setting old issues from fixed to done

Original comment by Daniel.A...@gi-de.com on 5 Jul 2013 at 2:33