This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 2b2f0c6754 Fix possible NPE
2b2f0c6754 is described below
commit 2b2f0c675467a7faaf51b8dabd73cc49a51c1c2f
Author: remm <r...@apache.org>
AuthorDate: Mon Sep 11 12:49:31 2023 +0200
Fix possible NPE
Found by coverity.
---
java/org/apache/catalina/realm/RealmBase.java | 3 +++
1 file changed, 3 insertions(+)
diff --git a/java/org/apache/catalina/realm/RealmBase.java
b/java/org/apache/catalina/realm/RealmBase.java
index 9d7e9a760b..9fccf63ed4 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -855,6 +855,9 @@ public abstract class RealmBase extends LifecycleMBeanBase
implements org.apache
// For AllRolesMode.STRICT_AUTH_ONLY_MODE there must be
zero roles
roles = request.getContext().findSecurityRoles();
+ if (roles == null) {
+ roles = new String[0];
+ }
if (roles.length == 0 && allRolesMode ==
AllRolesMode.STRICT_AUTH_ONLY_MODE) {
if (log.isDebugEnabled()) {
log.debug("Granting access for role-name=*, strict
auth-only");
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
