472654 – Missing email address in Administration Panel causes Velocity Servlet NULL Pointer Exception

Bug 472654 - Missing email address in Administration Panel causes Velocity Servlet NULL Pointer Exception

Summary: Missing email address in Administration Panel causes Velocity Servlet NULL Po...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Dogtag Certificate System
Classification:	Retired
Component:	Installation Wizard
Sub Component:
Version:	1.1
Hardware:	All
OS:	Linux
Priority:	high
Severity:	low
Target Milestone:	---
Assignee:	Ade Lee
QA Contact:	Chandrasekar Kannan
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	443788
TreeView+	depends on / blocked

Reported:	2008-11-22 22:48 UTC by Matthew Harmsen
Modified:	2015-01-06 01:17 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2009-07-22 23:30:28 UTC
Embargoed:

Attachments	(Terms of Use)
patch to fix (5.29 KB, patch) 2008-12-17 04:13 UTC, Ade Lee	no flags	Details \| Diff
View All

Description Matthew Harmsen 2008-11-22 22:48:32 UTC

While attempting to configure a CA on RHEL5.2, I forgot to enter an email address in the Administration Panel of the Configuration Wizard.  I received the following problem:

VelocityServlet: Error processing the template

java.lang.NullPointerException
	at com.netscape.certsrv.util.HttpInput.getEmail(HttpInput.java:267)
	at com.netscape.cms.servlet.csadmin.AdminPanel.validate(AdminPanel.java:198)
	at com.netscape.cms.servlet.wizard.WizardServlet.goNextApply(WizardServlet.java:313)
	at com.netscape.cms.servlet.wizard.WizardServlet.goNext(WizardServlet.java:294)
	at com.netscape.cms.servlet.wizard.WizardServlet.handleRequest(WizardServlet.java:470)
	at org.apache.velocity.servlet.VelocityServlet.doRequest(VelocityServlet.java:358)
	at org.apache.velocity.servlet.VelocityServlet.doPost(VelocityServlet.java:327)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:542)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
	at java.lang.Thread.run(Thread.java:636)

In the file common/src/com/netscape/certsrv/util/HttpInput.java, the NULL pointer exception comes from attempting to parse an empty "name" value:

   public static String getEmail(HttpServletRequest request, String name)
        throws IOException
    {
        String v = getString(request, name);
        if (v.indexOf('@') == -1) {
           throw new IOException("Invalid email " + v);
        }
        return v;
    }

Code should be placed in the panel to disallow a user from ever going to the code in the first place.

Comment 1 Matthew Harmsen 2008-11-23 00:15:11 UTC

NOTE:  This bug may be invalid, as it may have been caused by a certificate
       pre-existing in the browser's database, since retrying yielded problems
       with the Panels skipping the highlighting of the "Import CA Certificate
       Chain", and the "Administration" panel was completely greyed-out (thus
       why no email address got entered).  One potential problem may be that
       the system thought that it was a "clone", since the code doesn't appear
       to get executed for this type of configuration.

Comment 2 Matthew Harmsen 2008-12-15 19:22:57 UTC

This problem can be seen on the following virtual machine:

meatpie.dsdev.sjc.redhat.com (RHEL 5.2 + OpenJDK 1.6.0)

Comment 3 Ade Lee 2008-12-17 04:11:20 UTC

The problem results because some change made in common-ui in dogtag were not replicated to the redhat subversion tree.

The specific changes can be found in BZ 224765 and BZ 223367.

Comment 4 Ade Lee 2008-12-17 04:13:27 UTC

Created attachment 327202 [details]
patch to fix

patch with required changes to be ported over.  There are no differences between the changes in dogtag and the changes required here.

mharmsen, please review.

Comment 5 Matthew Harmsen 2008-12-17 18:59:03 UTC

attachment (id=327202) +mharmsen

Comment 6 Ade Lee 2008-12-17 19:41:38 UTC

[builder@dhcp231-124 pki]$ svn ci -m "Bugzilla BZ 472654" redhat
Sending        redhat/common-ui/redhat-pki-common-ui.el4sol9.spec
Sending        redhat/common-ui/redhat-pki-common-ui.spec
Sending        redhat/common-ui/shared/admin/console/config/adminpanel.vm
Sending        redhat/common-ui/shared/admin/console/config/databasepanel.vm
Transmitting file data ....
Committed revision 15377.

Comment 7 Kashyap Chamarthy 2009-06-11 13:06:17 UTC

Verified (on RHEL 5.3, June-8-build). No code is thrown when a valid email is not given, instead an "invalid email address" error is thrown

Note You need to log in before you can comment on or make changes to this bug.