This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 137eb9e940 Fix possible NPE
137eb9e940 is described below
commit 137eb9e9402265d654815c51326f240a54c9f7b9
Author: remm <r...@apache.org>
AuthorDate: Mon Sep 11 12:49:31 2023 +0200
Fix possible NPE
Found by coverity.
---
java/org/apache/catalina/realm/RealmBase.java | 3 +++
1 file changed, 3 insertions(+)
diff --git a/java/org/apache/catalina/realm/RealmBase.java
b/java/org/apache/catalina/realm/RealmBase.java
index b6c0ec65cc..53fcf8fc03 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -855,6 +855,9 @@ public abstract class RealmBase extends LifecycleMBeanBase
implements Realm {
// For AllRolesMode.STRICT_AUTH_ONLY_MODE there must be
zero roles
roles = request.getContext().findSecurityRoles();
+ if (roles == null) {
+ roles = new String[0];
+ }
if (roles.length == 0 && allRolesMode ==
AllRolesMode.STRICT_AUTH_ONLY_MODE) {
if (log.isDebugEnabled()) {
log.debug("Granting access for role-name=*, strict
auth-only");
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
