You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2019/03/16 18:18:50 UTC
[Bug 63266] New: NullPointerException at
org.apache.catalina.loader.WebappClassLoaderBase.binaryNameToPath
https://bz.apache.org/bugzilla/show_bug.cgi?id=63266
Bug ID: 63266
Summary: NullPointerException at
org.apache.catalina.loader.WebappClassLoaderBase.binar
yNameToPath
Product: Tomcat 7
Version: 7.0.76
Hardware: PC
OS: Mac OS X 10.1
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: minfrin@apache.org
Target Milestone: ---
Currently getting the following exception from a jersey application hosted in
tomcat v7.0.76 as provided by centos7:
java.lang.NullPointerException
at
org.apache.catalina.loader.WebappClassLoaderBase.binaryNameToPath(WebappClassLoaderBase.java:3604)
at
org.apache.catalina.loader.WebappClassLoaderBase.findLoadedClass0(WebappClassLoaderBase.java:3683)
at
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1784)
at
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1735)
at
org.apache.catalina.core.StandardWrapper.servletSecurityAnnotationScan(StandardWrapper.java:1211)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:495)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at
org.apache.tomcat.util.net.AprEndpoint$SocketWithOptionsProcessor.run(AprEndpoint.java:2486)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
An analysis of the stacktrace above shows the the binaryNameToPath() method
doesn't protect itself against a null binaryname:
https://github.com/apache/tomcat/blob/73268e886373568fb0c2a150dbbcaf088a2443fb/java/org/apache/catalina/loader/WebappClassLoaderBase.java#L3604
In turn, this is caused by a null class name here:
https://github.com/apache/tomcat/blob/73268e886373568fb0c2a150dbbcaf088a2443fb/java/org/apache/catalina/loader/WebappClassLoaderBase.java#L3683
The class name passed is null here:
https://github.com/apache/tomcat/blob/73268e886373568fb0c2a150dbbcaf088a2443fb/java/org/apache/catalina/loader/WebappClassLoaderBase.java#L1784
https://github.com/apache/tomcat/blob/73268e886373568fb0c2a150dbbcaf088a2443fb/java/org/apache/catalina/loader/WebappClassLoaderBase.java#L1735
Looks like getServletClass is returning null here:
https://github.com/apache/tomcat/blob/73268e886373568fb0c2a150dbbcaf088a2443fb/java/org/apache/catalina/core/StandardWrapper.java#L1211
The variable defaults to null here, looks like there are code paths where this
variable stays null:
https://github.com/apache/tomcat/blob/73268e886373568fb0c2a150dbbcaf088a2443fb/java/org/apache/catalina/core/StandardWrapper.java#L202
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63266] NullPointerException at
org.apache.catalina.loader.WebappClassLoaderBase.binaryNameToPath
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63266
--- Comment #2 from Mark Thomas <ma...@apache.org> ---
For completeness, you need to set xmlNamespaceAware="true" for validation to
work.
Validation won't flag this as an error as, starting with Servlet 3.0 the
servlet-class / jsp-file that was required in prior versions becomes optional.
This is because the information may be provided via an annotation. If it is not
provided via any means then a ServletException will be thrown on first access
and the Servlet marked as unavailable.
Generally, the failure to start a Servlet doesn't prevent a web application
from starting.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63266] NullPointerException at
org.apache.catalina.loader.WebappClassLoaderBase.binaryNameToPath
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63266
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|NEW |RESOLVED
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
This looks to be caused by a Servlet being defined without a class name. That
is a configuration error that should be caught by enabling validation (testing
this on 7.0.x has thrown up a bunch of validation errors that I need to
investigate).
The code path that leads to the NPE is no longer present in 7.0.x. It was
removed as part of the fix for CVE-2018-1305.
I am therefore resolving this as fixed.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org