7094155 Code Review Request
Xuelei Fan
xuelei.fan at oracle.com
Thu Oct 27 02:50:21 UTC 2011
Looks fine to me.
I also look at some other places that use the Node.getLocalName(). As
this method may return null, I was wondering it would be nice if we also
make changes to
com/sun/org/apache/xml/internal/security/utils/ElementCheckerImpl.java,
line 10:
9 if ((el == null) ||
10 ns!=el.getNamespaceURI() || !el.getLocalName().equals(type)){
11 return false;
12 }
and signature/Manifest.java, line 337:
334 if ((n.getNodeType() == Node.ELEMENT_NODE) && ((Element) n)
335 .getNamespaceURI()
336 .equals(Constants.SignatureSpecNS) && ((Element) n)
337 .getLocalName().equals(Constants._TAG_MANIFEST)) {
and signature/XMLSignature.java, line 318:
317 if ((keyInfoElem != null) && (keyInfoElem.getNamespaceURI().equals
(Constants.SignatureSpecNS) &&
318 keyInfoElem.getLocalName().equals(Constants._TAG_KEYINFO)) ) {
319 this._keyInfo = new KeyInfo(keyInfoElem, BaseURI);
If Node.getLocalName() returns, the above lines might throw NPE.
Xuelei
On 10/26/2011 8:54 PM, Sean Mullan wrote:
> Hi Xuelei,
>
> Could you please review my fix for 7094155 (JSR105 code throws
> javax.xml.crypto.URIReference when running into Java 7 VM)?
>
> webrev: http://cr.openjdk.java.net/~mullan/webrevs/7094155/webrev.00/
>
> Thanks,
> Sean
More information about the security-dev
mailing list