Bug 61779 - NPE in AuthConfigFactoryImpl.removeRegistration() if AuthConfigFactoryImpl.getConfigProvider() was called with null parameter for listener
Summary: NPE in AuthConfigFactoryImpl.removeRegistration() if AuthConfigFactoryImpl.ge...
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 8
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 8.5.23
Hardware: PC All
: P2 normal (vote)
Target Milestone: ----
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-11-18 13:55 UTC by Lazar Kirchev
Modified: 2017-11-20 13:11 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Lazar Kirchev 2017-11-18 13:55:43 UTC
AuthConfigFactoryImpl.getConfigProvider() always creates a listener wrapper, even if the listener parameter is actually null. When after that AuthConfigFactoryImpl.removeRegistration() is called, the listeners in all listener wrappers for this registration are notified for the removal. 

However, no check for null listener in the listener wrapper is made, therefore if there is a null listener within a wrapper a NPE is thrown.
Comment 1 Lazar Kirchev 2017-11-18 13:57:28 UTC
This pull request contains a test case, which illustrates the problem and a fix for it: https://github.com/apache/tomcat/pull/87
Comment 2 Mark Thomas 2017-11-20 13:11:40 UTC
Again, many thanks.

Fixed in:
- trunk for 9.0.2 onwards
- 8.5.x for 8.5.24 onwards