RFR: 8282730: LdapLoginModule throw NPE from logout method after login failure

Weijun Wang weijun at openjdk.org
Mon Jul 11 19:54:08 UTC 2022


On Mon, 11 Jul 2022 18:49:26 GMT, Sean Mullan <mullan at openjdk.org> wrote:

>> Add null-checks in all `LoginModule` implementations. It's possible that an application calls `logout` after a login failure, where most internal variables for principals and credentials are null and removing a null from the `Subject`'s principals and credentials sets will trigger a `NullPointerException`.
>
> src/jdk.security.auth/share/classes/com/sun/security/auth/module/UnixLoginModule.java line 289:
> 
>> 287:             subject.getPrincipals().remove(GIDPrincipal);
>> 288:         }
>> 289:         if (supplementaryGroups != null) {
> 
> This line is harmless, but you could take it out as supplementaryGroups is never null.

Yes, in fact, whenever `add()` is called, a `new UnixNumericGroupPrincipal(...)` is added. So it seems there is no need to check the elements inside as well. Same in `JndiLoginModule`. In `NTLoginModule`, while the `groups` array itself can be null, its element is also never null.

-------------

PR: https://git.openjdk.org/jdk/pull/9348



More information about the security-dev mailing list