Bug 1122580 - [QE] (6.4.0) NullPointerException in org.jboss.modules.ModulesPolicy.implies method
Summary: [QE] (6.4.0) NullPointerException in org.jboss.modules.ModulesPolicy.implies ...
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Server
Version: 6.3.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: DR1
: EAP 6.4.0
Assignee: Jason T. Greene
QA Contact: Pavel Slavicek
Depends On:
Blocks: 1099440 1123849 1126307
TreeView+ depends on / blocked
Reported: 2014-07-23 14:25 UTC by Josef Cacek
Modified: 2019-08-19 12:41 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1123849 (view as bug list)
Last Closed:
Type: Bug

Attachments (Terms of Use)
console log with NPE exception (51.83 KB, text/plain)
2014-07-23 14:25 UTC, Josef Cacek
no flags Details

Description Josef Cacek 2014-07-23 14:25:36 UTC
Created attachment 920246 [details]
console log with NPE exception

ProtectionDomain can have null codesource [1], but the methods in org.jboss.modules.ModulesPolicy class don't do the check for null and they try to use the codesource directly. It causes NPE when running EAP with Java Security Manager (JSM) enabled.

public boolean implies(final ProtectionDomain domain, final Permission permission) {
    return domain.getCodeSource().equals(ourCodeSource) || policy.implies(domain, permission);

[1] http://docs.oracle.com/javase/6/docs/api/java/security/ProtectionDomain.html#getCodeSource()

The test which shows the issue is the JMXConnectorTestCase from testsuite/integration/basic, when it's running against EAP running on IBM JDK 6 with the JSM enabled.
Look at attachments for a server log which contains the stack-traces.

Comment 3 Kabir Khan 2014-08-24 11:04:59 UTC
Fixed by modules 1.3.4 upgrade https://bugzilla.redhat.com/show_bug.cgi?id=1126307. Setting to MODIFIED.

Comment 4 Ondrej Lukas 2014-09-19 12:58:17 UTC
Verified in 6.4.0.DR1.1

Note You need to log in before you can comment on or make changes to this bug.