Code review request: 7158329: NPE in sun.security.krb5.Credentials.acquireDefaultCreds()

Valerie (Yu-Ching) Peng valerie.peng at oracle.com
Fri Apr 6 23:58:04 UTC 2012


The source changes look good except the minor nit that the copyright 
year should be updated to 2012.
As for the test, shouldn't it use the "file" variable instead of the 
"tmpcc" values?
Also, it may be better to name the "file" variable more specifically, 
like "ccache" or "emptyCCache".
Thanks,
Valerie

On 04/05/12 19:35, Weijun Wang wrote:
> Webrev updated:
>
>   http://cr.openjdk.java.net/~weijun/7158329/webrev.01
>
> No change to src.
>
> *Jon*: Is this the correct style to use ProcessBuilder to launch a 
> test? I guess there is no need to go othervm?
>
> *Valerie*: Can you take a review on this?
>
> Thanks
> Max
>
> On 04/06/2012 02:29 AM, Jonathan Gibbons wrote:
>> Max,
>>
>> If it were me writing the test, I'd avoid using a shell script and would
>> write Java code using ProcessBuilder to set an env-var and then realunch
>> the test via new File(new File(System.getProperty("java.home"), "bin"),
>> "java");
>>
>> This Java code could even be co-located in the EmptyCC.java file.
>>
>> -- Jon
>>
>>
>> On 04/05/2012 02:32 AM, Weijun Wang wrote:
>>> The webrev is at
>>>
>>> http://cr.openjdk.java.net/~weijun/7158329/webrev.00/
>>>
>>> There are two places where the content (getDefaultCreds) of a cache
>>> might be null, one with a specified ccache file name, one default. In
>>> order to check for both, a KRB5CCNAME environment variable is needed.
>>> Therefore the test must be a script calling a Java program.
>>>
>>> *Jon*: I guess this is the only way to feed an environment variable to
>>> a Java test?
>>>
>>> Thanks
>>> Max
>>>
>>> -------- Original Message --------
>>> *Change Request ID*: 7158329
>>> *Synopsis*: NPE in sun.security.krb5.Credentials.acquireDefaultCreds()
>>>
>>> Product: java
>>> Category: java
>>> Subcategory: classes_security
>>> Type: Defect
>>>
>>> === *Description*
>>> ============================================================
>>> FULL PRODUCT VERSION :
>>> java version "1.6.0_26"
>>> Java(TM) SE Runtime Environment (build 1.6.0_26-b03)
>>> Java HotSpot(TM) Client VM (build 20.1-b02, mixed mode, sharing)
>>>
>>> ADDITIONAL OS VERSION INFORMATION :
>>> Microsoft Windows XP [Version 5.1.2600]
>>>
>>> A DESCRIPTION OF THE PROBLEM :
>>> Trying to invoke login with Krb5LoginModule, debug=false,
>>> doNotPrompt=true, useTicketCache=true, storeKey=false.
>>>
>>> When an empty file krb5cc_<username> in <userhome> exists, this throws
>>> a NullPointerException in
>>> sun.security.krb5.Credentials.acquireDefaultCreds().
>>>
>>> The cause is the following code:
>>>
>>> if (cache == null) {
>>> cache = CredentialsCache.getInstance();
>>> }
>>> if (cache != null) {
>>> if (DEBUG) {
>>> System.out.println(">>> KrbCreds found the default ticket " +
>>> "granting ticket in credential cache.");
>>> }
>>> sun.security.krb5.internal.ccache.Credentials temp =
>>> cache.getDefaultCreds();
>>> if (EType.isSupported(temp.getEType())) {
>>> result = temp.setKrbCreds();
>>> } else {
>>> if (DEBUG) {
>>> System.out.println(
>>> ">>> unsupported key type found the default TGT: " +
>>> temp.getEType());
>>> }
>>> }
>>> }
>>>
>>> where cache.getDefaultCreds() can and will return null in case the
>>> ticket cache is empty, so the EType.isSupported(...) fails.
>>>
>>>
>>> REPRODUCIBILITY :
>>> This bug can be reproduced always.
>>>
>>




More information about the security-dev mailing list