Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 312306

Summary: NPE happens in AuthorizationDatabase.save() when keyring file is not qualified
Product: [Eclipse Project] Platform Reporter: gkwan
Component: RuntimeAssignee: Thomas Watson <tjwatson>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P3 CC: dj.houghton, john.arthorne, pquiring, tjwatson
Version: 3.6Flags: john.arthorne: review+
dj.houghton: review+
Target Milestone: 3.6 RC2   
Hardware: PC   
OS: Windows XP   
Whiteboard:
Attachments:
Description Flags
Proposed patch
none
fix + test
none
fix + test none

Description gkwan CLA 2010-05-10 13:25:31 EDT 
Build Identifier: 20100218-1602

Provide a non-qualified keyring file as

eclipse.exe -keyfile abc.kr

When call Platform.getAuthorizationInfo(), an NPE will happen in
AuthorizationDatabase.save()

java.lang.NullPointerException
	at org.eclipse.core.internal.runtime.auth.AuthorizationDatabase.save(AuthorizationDatabase.java:321)
	at org.eclipse.core.internal.runtime.auth.AuthorizationDatabase.load(AuthorizationDatabase.java:269)
	at org.eclipse.core.internal.runtime.auth.AuthorizationDatabase.<init>(AuthorizationDatabase.java:95)
	at org.eclipse.core.internal.runtime.auth.AuthorizationHandler.loadKeyring(AuthorizationHandler.java:58)
	at org.eclipse.core.internal.runtime.auth.AuthorizationHandler.getAuthorizationInfo(AuthorizationHandler.java:185)
	at org.eclipse.core.runtime.Platform.getAuthorizationInfo(Platform.java:646)


It can be resolved by following patch.

### Eclipse Workspace Patch 1.0
#P org.eclipse.core.runtime.compatibility.auth
Index: src/org/eclipse/core/internal/runtime/auth/AuthorizationDatabase.java
===================================================================
RCS file: /cvsroot/eclipse/org.eclipse.core.runtime.compatibility.auth/src/org/eclipse/core/internal/runtime/auth/AuthorizationDatabase.java,v
retrieving revision 1.1
diff -u -r1.1 AuthorizationDatabase.java
--- src/org/eclipse/core/internal/runtime/auth/AuthorizationDatabase.java	12 Apr 2006 21:16:27 -0000	1.1
+++ src/org/eclipse/core/internal/runtime/auth/AuthorizationDatabase.java	10 May 2010 17:02:37 -0000
@@ -318,7 +318,10 @@
 			return;
 		try {
 			file.delete();
-			if ((!file.getParentFile().exists() && !file.getParentFile().mkdirs()) || !canWrite(file.getParentFile()))
+			File parent = file.getParentFile();
+			if (parent == null)
+				parent = new File(".");
+			if ((!parent.exists() && !parent.mkdirs()) || !canWrite(parent))
 				throw new CoreException(new Status(IStatus.ERROR, PI_RUNTIME_AUTH, FAILED_WRITE_METADATA, NLS.bind(Messages.meta_unableToWriteAuthorization, file), null));
 			file.createNewFile();
 			FileOutputStream out = new FileOutputStream(file);

Reproducible: Always

Steps to Reproduce:
1. Create a Hello World plugin example
2. Add following code in the action run(IAction action) and import the required packages

		try {
			Platform.getAuthorizationInfo(new URL("http://www.ibm.com"), "r", "a");
		} catch (MalformedURLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		} catch (Exception e){
			e.printStackTrace();
		}

3. Run the Hello world plugin with following argument
    -keyring abc.kr 

4. Execute the action
5. NPE will be shown in the Console view
Comment 1 gkwan CLA 2010-05-10 13:26:54 EDT 
Created attachment 167762 [details]
Proposed patch
Comment 2 Thomas Watson CLA 2010-05-17 14:07:34 EDT 
Created attachment 168782 [details]
fix + test

I think a more appropriate fix is to get the absolute File in the constructor of AuthorizationDatabase.

This patch also contains a testcase.
Comment 3 Thomas Watson CLA 2010-05-17 14:08:22 EDT 
John please review.
Comment 4 Thomas Watson CLA 2010-05-17 14:08:44 EDT 
DJ, please review.
Comment 5 Thomas Watson CLA 2010-05-17 14:09:39 EDT 
Created attachment 168783 [details]
fix + test

Sorry, I attached the wrong patch.
Comment 6 John Arthorne CLA 2010-05-17 16:40:57 EDT 
I released Tom's fix and test in HEAD.