You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2021/12/10 08:52:47 UTC

[ranger] branch master updated: RANGER-3427: Null Dereference in PublicApis.java

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 07b2931  RANGER-3427: Null Dereference in PublicApis.java
07b2931 is described below

commit 07b293187838c00073a34ba63b50bbeff7069e89
Author: Mallika Gogoi <ma...@gmail.com>
AuthorDate: Fri Dec 10 12:40:22 2021 +0530

    RANGER-3427: Null Dereference in PublicApis.java
    
    Signed-off-by: pradeep <pr...@apache.org>
---
 .../src/main/java/org/apache/ranger/rest/PublicAPIs.java     | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java
index 7df9579..bdbbc9c 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java
@@ -40,6 +40,7 @@ import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import javax.ws.rs.*;
 import javax.ws.rs.core.Context;
 
@@ -263,7 +264,10 @@ public class PublicAPIs {
 		if(logger.isDebugEnabled()) {
 			logger.debug("==> PublicAPIs.createPolicy()");
 		}
-		
+
+		if(vXPolicy == null) {
+		    throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, "Policy object is null in create policy api", false);
+		}
 		RangerService service = serviceREST.getServiceByName(vXPolicy.getRepositoryName());
 		RangerPolicy  policy  = serviceUtil.toRangerPolicy(vXPolicy,service);
 
@@ -293,7 +297,11 @@ public class PublicAPIs {
 		if(logger.isDebugEnabled()) {
 			logger.debug("==> PublicAPIs.updatePolicy(): "  + vXPolicy );
 		}
-		
+
+		if(vXPolicy == null) {
+			throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, "Policy object is null in update policy api", false);
+		}
+
 		XXPolicy existing = daoMgr.getXXPolicy().getById(id);
 		if(existing == null) {
 			throw restErrorUtil.createRESTException("Policy not found for Id: " + id, MessageEnums.DATA_NOT_FOUND);