Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-10733. Fix potential null dereference in CredShell. (Ted Yu via 

omalley)


git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1611419 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Owen O'Malley 2014-07-17 18:09:41 +00:00
parent 9aaa714a99
commit 1e7ce76bba
3 changed files with 23 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hadoop-common-project/hadoop-common/CHANGES.txt
View File

@ -420,6 +420,9 @@ Release 2.6.0 - UNRELEASED
HADOOP-10732. Fix locking in credential update. (Ted Yu via omalley) HADOOP-10732. Fix locking in credential update. (Ted Yu via omalley)
HADOOP-10733. Fix potential null dereference in CredShell. (Ted Yu via
omalley)
OPTIMIZATIONS OPTIMIZATIONS
BUG FIXES BUG FIXES

4
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/alias/CredentialShell.java
View File

@ -373,12 +373,12 @@ public class CredentialShell extends Configured implements Tool {
char[] newPassword2 = c.readPassword("Enter password again: "); char[] newPassword2 = c.readPassword("Enter password again: ");
noMatch = !Arrays.equals(newPassword1, newPassword2); noMatch = !Arrays.equals(newPassword1, newPassword2);
if (noMatch) { if (noMatch) {
Arrays.fill(newPassword1, ' '); if (newPassword1 != null) Arrays.fill(newPassword1, ' ');
c.format("Passwords don't match. Try again.%n"); c.format("Passwords don't match. Try again.%n");
} else { } else {
cred = newPassword1; cred = newPassword1;
} }
Arrays.fill(newPassword2, ' '); if (newPassword2 != null) Arrays.fill(newPassword2, ' ');
} while (noMatch); } while (noMatch);
return cred; return cred;
} }

18
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/alias/TestCredShell.java
View File

@ -127,6 +127,22 @@ public class TestCredShell {
"CredentialProviders configured.")); "CredentialProviders configured."));
} }
@Test
public void testPromptForCredentialWithEmptyPasswd() throws Exception {
String[] args1 = {"create", "credential1", "--provider",
"jceks://file" + tmpDir + "/credstore.jceks"};
ArrayList<String> passwords = new ArrayList<String>();
passwords.add(null);
passwords.add("p@ssw0rd");
int rc = 0;
CredentialShell shell = new CredentialShell();
shell.setConf(new Configuration());
shell.setPasswordReader(new MockPasswordReader(passwords));
rc = shell.run(args1);
assertEquals(outContent.toString(), -1, rc);
assertTrue(outContent.toString().contains("Passwords don't match"));
}
@Test @Test
public void testPromptForCredential() throws Exception { public void testPromptForCredential() throws Exception {
String[] args1 = {"create", "credential1", "--provider", String[] args1 = {"create", "credential1", "--provider",
@ -162,7 +178,7 @@ public class TestCredShell {
public char[] readPassword(String prompt) { public char[] readPassword(String prompt) {
if (passwords.size() == 0) return null; if (passwords.size() == 0) return null;
String pass = passwords.remove(0); String pass = passwords.remove(0);
return pass.toCharArray(); return pass == null ? null : pass.toCharArray();
} }
@Override @Override