From 1a944b245ff1ba380b4c6146ab22731795aff80b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lubo=C5=A1=20Ra=C4=8Dansk=C3=BD?= Date: Mon, 26 Feb 2024 06:47:46 +0100 Subject: [PATCH] Fix #424: Coverity: Dereference null return value (#425) * Fix #424: Coverity: Dereference null return value --- .../powerauth/lib/cmd/steps/AbstractBaseStep.java | 4 ++-- .../powerauth/lib/cmd/steps/v3/GetStatusStep.java | 12 +++++++++++- .../powerauth/lib/cmd/steps/v3/VaultUnlockStep.java | 10 +++++++++- 3 files changed, 22 insertions(+), 4 deletions(-) diff --git a/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/AbstractBaseStep.java b/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/AbstractBaseStep.java index 030a883a..02b5c662 100644 --- a/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/AbstractBaseStep.java +++ b/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/AbstractBaseStep.java @@ -285,8 +285,8 @@ public void processResponse(StepContext stepContext) throws Exception { } * @throws Exception when an error during response processing occurred */ public final void processResponse(StepContext stepContext, byte[] responseBody, Class responseObjectClass) throws Exception { - R responseBodyObject = HttpUtil.fromBytes(responseBody, responseObjectClass); - ResponseEntity responseEntity = ResponseEntity.of(Optional.of(responseBodyObject)); + final R responseBodyObject = HttpUtil.fromBytes(responseBody, responseObjectClass); + final ResponseEntity responseEntity = ResponseEntity.ofNullable(responseBodyObject); addResponseContext(stepContext, responseEntity); processResponse(stepContext); } diff --git a/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/v3/GetStatusStep.java b/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/v3/GetStatusStep.java index cecfdb51..081503a1 100755 --- a/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/v3/GetStatusStep.java +++ b/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/v3/GetStatusStep.java @@ -38,6 +38,7 @@ import org.springframework.core.ParameterizedTypeReference; import org.springframework.stereotype.Component; +import javax.crypto.SecretKey; import java.util.Base64; import java.util.HashMap; import java.util.Map; @@ -144,7 +145,16 @@ public void processResponse(StepContext customObject = responseObject.getCustomObject(); byte[] challenge = (byte[]) stepContext.getAttributes().get(ATTRIBUTE_CHALLENGE); - final ActivationStatusBlobInfo statusBlobRaw = ACTIVATION.getStatusFromEncryptedBlob(cStatusBlob, challenge, cStatusBlobNonce, resultStatusObject.getTransportMasterKeyObject()); + final SecretKey transportMasterKey = resultStatusObject.getTransportMasterKeyObject(); + if (transportMasterKey == null) { + stepContext.getStepLogger().writeError( + getStep().id() + "-failed", + "Get Status Failed", + "transportMasterKey is null"); + return; + } + + final ActivationStatusBlobInfo statusBlobRaw = ACTIVATION.getStatusFromEncryptedBlob(cStatusBlob, challenge, cStatusBlobNonce, transportMasterKey); final ExtendedActivationStatusBlobInfo statusBlob = ExtendedActivationStatusBlobInfo.copy(statusBlobRaw); final Map objectMap = new HashMap<>(); diff --git a/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/v3/VaultUnlockStep.java b/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/v3/VaultUnlockStep.java index a02695e8..6709157f 100755 --- a/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/v3/VaultUnlockStep.java +++ b/powerauth-java-cmd-lib/src/main/java/io/getlime/security/powerauth/lib/cmd/steps/v3/VaultUnlockStep.java @@ -136,7 +136,15 @@ public void processResponse(StepContext