Bug 61668 - Possible NullPointerException in org.apache.coyote.http11.AbstractHttp11Protocol
Summary: Possible NullPointerException in org.apache.coyote.http11.AbstractHttp11Protocol
Status: VERIFIED FIXED
Alias: None
Product: Tomcat 8
Classification: Unclassified
Component: Connectors (show other bugs)
Version: 8.5.23
Hardware: PC All
: P2 minor (vote)
Target Milestone: ----
Assignee: Tomcat Developers Mailing List
URL:
Keywords: Beginner
Depends on:
Blocks:
 
Reported: 2017-10-26 06:23 UTC by Esin Yakub
Modified: 2017-11-09 06:53 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Esin Yakub 2017-10-26 06:23:45 UTC
There are possible NullPointerException-s in org.apache.coyote.http11.AbstractHttp11Protocol's getSSLProtocol() and getSslEnabledProtocols() methods. In both methods if the SSL host configuration does not contain an "enabledProtocols" configuration the following line causes NPE:

StringUtils.join(this.defaultSSLHostConfig.getEnabledProtocols())

Easy repro step is running the following code:

public static void main(String[] args) {
    Http11Nio2Protocol protocol = new Http11Nio2Protocol();
    protocol.getSSLProtocol();
}
Comment 1 Mithun Sasidharan 2017-11-03 07:42:08 UTC
PR for this bug - https://github.com/apache/tomcat/pull/83
Comment 2 Mark Thomas 2017-11-08 11:09:58 UTC
Thanks for the report.

This has been fixed in:
- 9.0.x for 9.0.2 onwards
- 8.5.x for 8.5.24 onwards
Comment 3 Esin Yakub 2017-11-09 06:53:46 UTC
Thanks for the quick reaction guys!