225843 – [sec] Differ nulls and empty strings in secure preferences

Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 225843 - [sec] Differ nulls and empty strings in secure preferences

Summary: [sec] Differ nulls and empty strings in secure preferences

Status:	RESOLVED FIXED

Alias:	None

Product:	Equinox
Classification:	Eclipse Project
Component:	Security (show other bugs)
Version:	unspecified
Hardware:	PC Windows XP

Importance:	P3 normal (vote)
Target Milestone:	3.4 M7
Assignee:	Security Inbox
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2008-04-04 16:46 EDT by Oleg Besedin
Modified:	2008-04-04 16:47 EDT (History)
CC List:	0 users

See Also:

Attachments
Patch (9.08 KB, patch) 2008-04-04 16:46 EDT, Oleg Besedin	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Oleg Besedin

2008-04-04 16:46:04 EDT

Created attachment 94919 [details]
Patch

At present secure preferences don't differentiate between null values and empty strings. In fact, nulls passed in are converted to empty strings.

The patch adds a differentiation (the null values will omit "," separator between salt and value and will have both as empty strings). 

The null values won't be encrypted so the entry in the output file will be simple "\t".

The patch adds an extra JUnit to check for edge values for strings and byte arrays.

As a part of the this work I discovered that I needed to check if we are runing inside a JUnit before bringing up UI prompts :-). There is a code added that checks first to see it workbench is active and then checks if the application is "org.eclipse.pde.junit.runtime.*".

Comment 1 Oleg Besedin

2008-04-04 16:47:24 EDT

Patch applied to CVS Head.