Fix potential NPE in UsersTool (#37660)

It looks like the output of FileUserPasswdStore.parseFile shouldn't be wrapped 
into another map since its output can be null. Doing this wrapping after the null
check (which potentially raises an exception) instead.
This commit is contained in:
Christoph Büscher 2019-01-22 17:34:13 +01:00 committed by GitHub
parent 5c1a1f7ac1
commit 256e01ca92
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions

View File

@ -7,6 +7,7 @@ package org.elasticsearch.xpack.security.authc.file.tool;
import joptsimple.OptionSet; import joptsimple.OptionSet;
import joptsimple.OptionSpec; import joptsimple.OptionSpec;
import org.elasticsearch.cli.EnvironmentAwareCommand; import org.elasticsearch.cli.EnvironmentAwareCommand;
import org.elasticsearch.cli.ExitCodes; import org.elasticsearch.cli.ExitCodes;
import org.elasticsearch.cli.LoggingAwareMultiCommand; import org.elasticsearch.cli.LoggingAwareMultiCommand;
@ -221,7 +222,7 @@ public class UsersTool extends LoggingAwareMultiCommand {
Path file = FileUserPasswdStore.resolveFile(env); Path file = FileUserPasswdStore.resolveFile(env);
FileAttributesChecker attributesChecker = new FileAttributesChecker(file); FileAttributesChecker attributesChecker = new FileAttributesChecker(file);
Map<String, char[]> users = new HashMap<>(FileUserPasswdStore.parseFile(file, null, env.settings())); Map<String, char[]> users = FileUserPasswdStore.parseFile(file, null, env.settings());
if (users == null) { if (users == null) {
throw new UserException(ExitCodes.CONFIG, "Configuration file [" + file + "] is missing"); throw new UserException(ExitCodes.CONFIG, "Configuration file [" + file + "] is missing");
} }
@ -229,6 +230,7 @@ public class UsersTool extends LoggingAwareMultiCommand {
throw new UserException(ExitCodes.NO_USER, "User [" + username + "] doesn't exist"); throw new UserException(ExitCodes.NO_USER, "User [" + username + "] doesn't exist");
} }
final Hasher hasher = Hasher.resolve(XPackSettings.PASSWORD_HASHING_ALGORITHM.get(env.settings())); final Hasher hasher = Hasher.resolve(XPackSettings.PASSWORD_HASHING_ALGORITHM.get(env.settings()));
users = new HashMap<>(users); // make modifiable
users.put(username, hasher.hash(new SecureString(password))); users.put(username, hasher.hash(new SecureString(password)));
FileUserPasswdStore.writeFile(users, file); FileUserPasswdStore.writeFile(users, file);