RFC2307MemberParser.fetchDirectMembers can return null elements

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: High
    • 1.4.3, 1.5
    • Affects Version/s: 1.4.2
    • Component/s: None
    • None

      The fetchDirectMembers method of the RFC2307MemberParser class doesn't check whether the returned member from getMember is null before adding it to the list of return values. Multiple conditions can cause the returned value to be null, including at least:

      • The listed member object wasn't found in the directory tree
      • There is more than one object in the directory tree that matches the name listed

      If a null value is part of the returned list from fetchDirectMembers, this will cause a NullPointerException later down the line, for example:

      2008-05-30 15:51:08,878 http-8095-Processor24 INFO [integration.directory.connector.Rfc2307] Performing principal search: baseDN = dc=datasynapse,dc=com - filter = (&(uid=emergency)(&(objectClass=posixAccount)(!(uid=$))(title=)))
      2008-05-30 15:51:08,921 http-8095-Processor21 INFO [integration.directory.connector.Rfc2307] Performing group search: baseDN = ou=groups,dc=datasynapse,dc=com - filter = (objectclass=posixGroup)
      2008-05-30 15:51:08,952 http-8095-Processor21 ERROR [codehaus.xfire.handler.DefaultFaultHandler] Fault occurred!
      java.lang.NullPointerException
      at com.atlassian.crowd.integration.directory.connector.mapper.fetcher.GenericFetcher.isOfObjectClass(GenericFetcher.java:81)
      at com.atlassian.crowd.integration.directory.connector.mapper.fetcher.GenericFetcher.isContainer(GenericFetcher.java:65)
      at com.atlassian.crowd.integration.directory.connector.mapper.fetcher.SubGroupFetcher.addMembers(SubGroupFetcher.java:51)
      at com.atlassian.crowd.integration.directory.connector.mapper.ContainerContextMapper.mapFromContext(ContainerContextMapper.java:90)
      at com.atlassian.crowd.integration.directory.connector.mapper.ContainerContextMapper.mapFromContext(ContainerContextMapper.java:62)
      at org.springframework.ldap.core.ContextMapperCallbackHandler.getObjectFromNameClassPair(ContextMapperCallbackHandler.java:63)
      at org.springframework.ldap.core.CollectingNameClassPairCallbackHandler.handleNameClassPair(CollectingNameClassPairCallbackHandler.java:50)
      at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:276)
      at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:213)
      at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:601)
      at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:509)
      at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.searchGroups(SpringLDAPConnector.java:717)
      at com.atlassian.crowd.manager.application.ApplicationManagerGeneric.searchGroups(ApplicationManagerGeneric.java:1564)
      at com.atlassian.crowd.service.soap.SecurityServerGeneric.findAllGroupRelationships(SecurityServerGeneric.java:579)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:585)
      at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
      at com.atlassian.spring.interceptors.SpringProfilingInterceptor.invoke(SpringProfilingInterceptor.java:20)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
      at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
      at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
      at $Proxy8.findAllGroupRelationships(Unknown Source)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:585)
      at org.codehaus.xfire.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:59)
      at org.codehaus.xfire.service.binding.ServiceInvocationHandler.sendMessage(ServiceInvocationHandler.java:320)
      at org.codehaus.xfire.service.binding.ServiceInvocationHandler$1.run(ServiceInvocationHandler.java:86)
      at org.codehaus.xfire.service.binding.ServiceInvocationHandler.execute(ServiceInvocationHandler.java:134)
      at org.codehaus.xfire.service.binding.ServiceInvocationHandler.invoke(ServiceInvocationHandler.java:109)
      at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
      at org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:64)
      at org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:38)
      at org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServletController.java:304)
      at org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServletController.java:129)
      at org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:116)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
      at com.atlassian.crowd.console.filter.CrowdOpenSessionInViewFilter.doFilterInternal(CrowdOpenSessionInViewFilter.java:26)
      at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.atlassian.gzipfilter.GzipFilter.doFilterInternal(GzipFilter.java:88)
      at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:64)
      at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:183)
      at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138)
      at com.atlassian.crowd.console.filter.CrowdDelegatingFilterProxy.doFilter(CrowdDelegatingFilterProxy.java:38)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.atlassian.johnson.filters.AbstractJohnsonFilter.doFilter(AbstractJohnsonFilter.java:72)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at com.atlassian.johnson.filters.AbstractJohnsonFilter.doFilter(AbstractJohnsonFilter.java:72)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:874)
      at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
      at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
      at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
      at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
      at java.lang.Thread.run(Thread.java:595)

              Assignee:
              David O'Flynn [Atlassian]
              Reporter:
              Nat Budin
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: