Bug 838409

Summary: NullPointerException in CXF DOMUtils when soap header contains null namespace element
Product: [JBoss] JBoss Enterprise SOA Platform 5 Reporter: Kyle Lape <klape>
Component: EAPAssignee: Default User <jbpapp-maint>
Status: CLOSED CURRENTRELEASE QA Contact: Martin Vecera <mvecera>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 5.2.0 GACC: atangrin, belong, dpalmer, jpechane, rwagner, rzhang, soa-p-jira
Target Milestone: CR1   
Target Release: 5.3.0 GA   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Method findAllElementsByTagNameNS in cxf/trunk/api/src/main/java/org/apache/cxf/helpers/DOMUtils.java attempts to perform elementList.add(el) when el.getNamespaceURI() == null. This means that when ReadHeaderInterceptor processes an inbound SOAP message with a null namespace Header element, the user encounters a NullPointerException. Method findAllElementsByTagNameNS now additionally checks that el.getNamespaceURI() != null before proceeding to perform elementList.add(el). ReadHeaderInterceptor can now process an inbound SOAP message with a null namespace Header element and the user no longer encounters the Exception.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-15 17:26:00 UTC Type: Support Patch
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
cxf-4408 patch none

Description Kyle Lape 2012-07-09 02:57:15 UTC 
Created attachment 596970 [details]
cxf-4408 patch

When ReadHeaderInterceptor processes the following inbound SOAP message, DOMUtils throws a NullPointerException for the null namespace Header element:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:foo="http://cxf.apache.org/foo" xmlns:bar="http://cxf.apache.org/bar">
  <soapenv:Header>
    <foo:myheader>
      <Header>
        <bar:type>mytype</head:type>
      </Header>
    </foo:myheader>
  </soapenv:Header>
  ...

A NPE guard is needed.
Comment 1 Rick Wagner 2012-07-09 20:58:15 UTC 
GSS will work to manage customer expectations concerning timing.  If this patch must come after 5.3GA, that's acceptable.
Comment 2 Ryan Zhang 2012-07-20 06:34:59 UTC 
Please verify this issue on 5.3.0 CR1.
Comment 3 Ryan Zhang 2012-07-20 09:02:49 UTC 
The patched cxf build is fetched from https://brewweb.devel.redhat.com/buildinfo?buildID=220711
Comment 4 Jiri Pechanec 2012-07-25 11:42:07 UTC 
Verified in CR1