This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
The following commit(s) were added to refs/heads/master by this push: new 172c0884d Adding some NPE guards 172c0884d is described below commit 172c0884deb0562081aa45259ee7eddbd85ce9a8 Author: Colm O hEigeartaigh <cohei...@apache.org> AuthorDate: Thu Jul 14 09:07:59 2022 +0100 Adding some NPE guards --- .../org/apache/wss4j/dom/util/EncryptionUtils.java | 5 +++-- .../input/SignatureConfirmationInputProcessor.java | 26 ++++++++++++---------- 2 files changed, 17 insertions(+), 14 deletions(-) diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java index 667398017..4a0074626 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/EncryptionUtils.java @@ -48,7 +48,6 @@ import javax.crypto.SecretKey; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; -import javax.xml.parsers.ParserConfigurationException; import java.io.ByteArrayInputStream; import java.io.IOException; @@ -361,7 +360,7 @@ public final class EncryptionUtils { SecretKey symmetricKey, String symEncAlgo, CallbackHandler attachmentCallbackHandler, String xopURI, Element encData ) throws WSSecurityException, IOException, UnsupportedCallbackException, NoSuchAlgorithmException, - NoSuchPaddingException, ParserConfigurationException, XMLParserException { + NoSuchPaddingException, XMLParserException { if (attachmentCallbackHandler == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK); @@ -402,6 +401,8 @@ public final class EncryptionUtils { String fixedElementStr = setParentPrefixes(encData, new String(bytes)); document = org.apache.xml.security.utils.XMLUtils.read( new ByteArrayInputStream(fixedElementStr.getBytes()), true); + } else { + throw ex; } } diff --git a/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputProcessor.java b/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputProcessor.java index 89461d066..9bd972077 100644 --- a/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputProcessor.java +++ b/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SignatureConfirmationInputProcessor.java @@ -69,22 +69,24 @@ public class SignatureConfirmationInputProcessor extends AbstractInputProcessor throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); } - for (int i = 0; i < signatureValueSecurityEventList.size(); i++) { - SignatureValueSecurityEvent signatureValueSecurityEvent = signatureValueSecurityEventList.get(i); - byte[] signatureValue = signatureValueSecurityEvent.getSignatureValue(); + if (signatureValueSecurityEventList != null) { + for (int i = 0; i < signatureValueSecurityEventList.size(); i++) { + SignatureValueSecurityEvent signatureValueSecurityEvent = signatureValueSecurityEventList.get(i); + byte[] signatureValue = signatureValueSecurityEvent.getSignatureValue(); - boolean found = false; + boolean found = false; - for (int j = 0; j < signatureConfirmationTypeList.size(); j++) { - SignatureConfirmationType signatureConfirmationType = signatureConfirmationTypeList.get(j); - byte[] sigConfValue = signatureConfirmationType.getValue(); - if (Arrays.equals(signatureValue, sigConfValue)) { - found = true; + for (int j = 0; j < signatureConfirmationTypeList.size(); j++) { + SignatureConfirmationType signatureConfirmationType = signatureConfirmationTypeList.get(j); + byte[] sigConfValue = signatureConfirmationType.getValue(); + if (Arrays.equals(signatureValue, sigConfValue)) { + found = true; + } } - } - if (!found) { - throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); + if (!found) { + throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); + } } } }