[jdk24u] RFR: 8350554: Harden X509CertImpl.getExtensionValue for NPE cases [v2]
Konanki Sreenath
duke at openjdk.org
Tue Feb 25 06:04:34 UTC 2025
> Earlier code will trigger NPE if the certificate does not contain the extensions or if the requested extensions does not exist. The better approach for hardening getExtensionValue here is to to check for NULL explicitly before calling getExtensionValue() and avoding try-catch block which ensures the readability and maintainability.
>
> After scanning in multiple places where invokng getExtensions on the X509CertInfo reference, the check for NULL is added in the getKeyUsage() as well while calling before getExtensionValue()
>
> The associated tests are written and added in test class CertificateExtensions. Which will ensure to validate the
> getExtensionValue() and getKeyUsage() methods in X509CertImpl class.
Konanki Sreenath has refreshed the contents of this pull request, and previous commits have been removed. The incremental views will show differences compared to the previous content of the PR. The pull request contains one new commit since the last revision:
Backport 70a6c0b7ac952eebdffa1d64399cd0ee1efec1f6
-------------
Changes:
- all: https://git.openjdk.org/jdk24u/pull/88/files
- new: https://git.openjdk.org/jdk24u/pull/88/files/2fcfe10f..8030273c
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk24u&pr=88&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk24u&pr=88&range=00-01
Stats: 0 lines in 0 files changed: 0 ins; 0 del; 0 mod
Patch: https://git.openjdk.org/jdk24u/pull/88.diff
Fetch: git fetch https://git.openjdk.org/jdk24u.git pull/88/head:pull/88
PR: https://git.openjdk.org/jdk24u/pull/88
More information about the jdk-updates-dev
mailing list