[ https://issues.apache.org/jira/browse/KARAF-4212?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jean-Baptiste Onofré updated KARAF-4212: ---------------------------------------- Fix Version/s: (was: 4.0.7) 4.0.8 > Null Dereference > ---------------- > > Key: KARAF-4212 > URL: https://issues.apache.org/jira/browse/KARAF-4212 > Project: Karaf > Issue Type: Bug > Affects Versions: 4.0.3 > Reporter: Eduardo Aguinaga > Fix For: 4.1.0, 4.0.8 > > > HP Fortify SCA and SciTools Understand were used to perform an application > security analysis on the karaf source code. > The method execute() in LoadTest.java can crash the program by dereferencing > a null pointer on line 71. > File: bundle/core/src/main/java/org/apache/karaf/bundle/command/LoadTest.java > Line: 71 > LoadTest.java, lines 65-74: > {code} > 65 @Override > 66 public Object execute() throws Exception { > 67 if (!confirm(session)) { > 68 return null; > 69 } > 70 final BundleContext bundleContext = > this.bundleContext.getBundle(0).getBundleContext(); > 71 final FrameworkWiring wiring = > bundleContext.getBundle().adapt(FrameworkWiring.class); > 72 final CountDownLatch latch = new CountDownLatch(threads); > 73 final Bundle[] bundles = bundleContext.getBundles(); > 74 final AtomicBoolean[] locks = new AtomicBoolean[bundles.length]; > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)