Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[bugfix] guard against NPE in securitymanager #5158

Open
wants to merge 2 commits into
base: develop
Choose a base branch
from

Conversation

line-o
Copy link
Member

@line-o line-o commented Dec 11, 2023

Description:

Reference:

supersedes #4671
fixes #4670

Type of tests:

@line-o line-o requested a review from a team as a code owner December 11, 2023 19:10
@line-o
Copy link
Member Author

line-o commented Dec 11, 2023

@reinhapa unfortunately, our fix for the IdFunctionTest only worked on my local machine.

if (!sameUserWithSameGroups(context.getRealUser(), context.getEffectiveUser())) {
final Subject effectiveUser = context.getEffectiveUser();
if (effectiveUser != null && (
realUser == null || !sameUserWithSameGroups(realUser, effectiveUser))) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

realUser will never be null

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems to be possible, looking at the initial bug report in #4670

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If context.realUser returns null - then that indicates a serious bug elsewhere that needs to be solved. Changing the code here will only hide that bug and make it much harder to find!

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

throw XPathexception instead ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would consider actually throwing a RuntimeException and shutting down - as at this point the security of the system is completely compromised

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll try that and see if tests still pass


if (!sameUserWithSameGroups(context.getRealUser(), context.getEffectiveUser())) {
final Subject effectiveUser = context.getEffectiveUser();
if (effectiveUser != null && (
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be much cleaner to move the null check into the function sameUserWithSameGroups

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

subjectToXml(builder, context.getRealUser());
builder.endElement();
final Subject realUser = context.getRealUser();
if (realUser != null) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

realUser will never be null

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see comment above

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

throw XPathException in this case?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A null value should not happen but... defensive programming in a complex application is not a too bad idea I'd say.

A log to detect the situation/throw exception ... both would be OK for me.

Move null check into function sameUserWithSameGroups.
@line-o
Copy link
Member Author

line-o commented Dec 12, 2023

@reinhapa It turned out that the same fix had to be applied to the other two tests for IdFunction as well. Now they all pass. 🎉

Copy link

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[BUG] NPE in org.exist.xquery.functions.securitymanager.IdFunction
4 participants