You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Eduardo Aguinaga (JIRA)" <ji...@apache.org> on 2015/12/15 18:51:46 UTC
[jira] [Created] (KARAF-4212) Null Dereference
Eduardo Aguinaga created KARAF-4212:
---------------------------------------
Summary: Null Dereference
Key: KARAF-4212
URL: https://issues.apache.org/jira/browse/KARAF-4212
Project: Karaf
Issue Type: Bug
Affects Versions: 4.0.3
Reporter: Eduardo Aguinaga
HP Fortify SCA and SciTools Understand were used to perform an application security analysis on the karaf source code.
The method execute() in LoadTest.java can crash the program by dereferencing a null pointer on line 71.
File: bundle/core/src/main/java/org/apache/karaf/bundle/command/LoadTest.java
Line: 71
LoadTest.java, lines 65-74:
65 @Override
66 public Object execute() throws Exception {
67 if (!confirm(session)) {
68 return null;
69 }
70 final BundleContext bundleContext = this.bundleContext.getBundle(0).getBundleContext();
71 final FrameworkWiring wiring = bundleContext.getBundle().adapt(FrameworkWiring.class);
72 final CountDownLatch latch = new CountDownLatch(threads);
73 final Bundle[] bundles = bundleContext.getBundles();
74 final AtomicBoolean[] locks = new AtomicBoolean[bundles.length];
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)