Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-8212

ImporterImpl.importProperties prone to NPE

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.14.0, 1.10.4, 1.8.16
    • jcr
    • None

    Description

      the ImportImpl code at line 275 is prone to NPE because EffectiveNodeType.getPropertyDefinition(String, int, boolean) may return null (in contrast to the second variant that throws ConstraintViolationException if no matching definition is found.

      the code looks as follows:

      EffectiveNodeType ent = effectiveNodeTypeProvider.getEffectiveNodeType(tree);
PropertyDefinition def = ent.getPropertyDefinition(pi.getName(), pi.getType(), pi.isUnknownMultiple());
if (def.isProtected()) {
    ...
}

      proposed fix (adding a check for null):

      EffectiveNodeType ent = effectiveNodeTypeProvider.getEffectiveNodeType(tree);
PropertyDefinition def = ent.getPropertyDefinition(pi.getName(), pi.getType(), pi.isUnknownMultiple());
if (def == null) {
       throw new ConstraintViolationException("No matching property definition found for " + pi.getName());
}
if (def.isProtected()) {
    ...
}

      i spotted the issue while writing an import test for OAK-8190 with property type mismatch.

      Attachments

        Issue Links

          blocks

          New Feature - A new feature of the product, which has yet to be developed. OAK-8190 Dedicated authorization for system users

          • Major - Major loss of function.
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. OAK-9436 Session.getImportContentHandler() adds new nodes/properties to transient space despite ConstraintViolationException

          • Major - Major loss of function.
          • Open

          Bug - A problem which impairs or prevents the functions of the product. OAK-8218 ReadOnlyNodeTypeManager.isNodeType prone to NPE

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. OAK-8216 Consistently add nullability annotations with spi.nodetype package and implementation

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              angela Angela Schreiber
              angela Angela Schreiber
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: