HADOOP-10733. Fix potential null dereference in CredShell. (Ted Yu via

omalley)


git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1611419 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Owen O'Malley 2014-07-17 18:09:41 +00:00
parent 9aaa714a99
commit 1e7ce76bba
3 changed files with 23 additions and 4 deletions

View File

@ -420,6 +420,9 @@ Release 2.6.0 - UNRELEASED
HADOOP-10732. Fix locking in credential update. (Ted Yu via omalley)
HADOOP-10733. Fix potential null dereference in CredShell. (Ted Yu via
omalley)
OPTIMIZATIONS
BUG FIXES

View File

@ -373,12 +373,12 @@ public class CredentialShell extends Configured implements Tool {
char[] newPassword2 = c.readPassword("Enter password again: ");
noMatch = !Arrays.equals(newPassword1, newPassword2);
if (noMatch) {
Arrays.fill(newPassword1, ' ');
if (newPassword1 != null) Arrays.fill(newPassword1, ' ');
c.format("Passwords don't match. Try again.%n");
} else {
cred = newPassword1;
}
Arrays.fill(newPassword2, ' ');
if (newPassword2 != null) Arrays.fill(newPassword2, ' ');
} while (noMatch);
return cred;
}

View File

@ -127,6 +127,22 @@ public class TestCredShell {
"CredentialProviders configured."));
}
@Test
public void testPromptForCredentialWithEmptyPasswd() throws Exception {
String[] args1 = {"create", "credential1", "--provider",
"jceks://file" + tmpDir + "/credstore.jceks"};
ArrayList<String> passwords = new ArrayList<String>();
passwords.add(null);
passwords.add("p@ssw0rd");
int rc = 0;
CredentialShell shell = new CredentialShell();
shell.setConf(new Configuration());
shell.setPasswordReader(new MockPasswordReader(passwords));
rc = shell.run(args1);
assertEquals(outContent.toString(), -1, rc);
assertTrue(outContent.toString().contains("Passwords don't match"));
}
@Test
public void testPromptForCredential() throws Exception {
String[] args1 = {"create", "credential1", "--provider",
@ -162,7 +178,7 @@ public class TestCredShell {
public char[] readPassword(String prompt) {
if (passwords.size() == 0) return null;
String pass = passwords.remove(0);
return pass.toCharArray();
return pass == null ? null : pass.toCharArray();
}
@Override