Skip to content

Commit

Permalink
Merge pull request #1344 from /issues/1343-coverity-npe
Browse files Browse the repository at this point in the history 
Fix #1343: Coverity: Dereference null return value
  • Loading branch information
@banterCZ
banterCZ authored Feb 26, 2024
2 parents 6564091 + 9782d54 commit 18971f4
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .../powerauth/fido2/rest/model/converter/serialization/AttestationStatementDeserializer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,10 @@ public AttestationStatementDeserializer(Class<AttestationStatement> vc) {
public AttestationStatement deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws Fido2DeserializationException {
try {
final Map<String, Object> map = jsonParser.readValueAs(new TypeReference<>() {});
if (map == null) {
throw new Fido2DeserializationException("JSON deserialized into null.");
}

final AttestationStatement result = new AttestationStatement();
final Integer alg = (Integer) map.get("alg");
if (alg != null && -7 == alg) {
Expand Down
6 changes: 6 additions & 0 deletions ...tra/powerauth/fido2/rest/model/converter/serialization/AuthenticatorDataDeserializer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,9 @@ public AuthenticatorData deserialize(JsonParser jsonParser, DeserializationConte

// Serialize Auth Data
final byte[] authData = jsonParser.getBinaryValue();
if (authData == null) {
throw new Fido2DeserializationException("JSON binary value deserialized into null.");
}
result.setEncoded(authData);

// Get RP ID Hash
Expand Down Expand Up @@ -131,6 +134,9 @@ public AuthenticatorData deserialize(JsonParser jsonParser, DeserializationConte
final byte[] credentialPublicKey = new byte[remainingLength];
System.arraycopy(authData, 55 + credentialIdLengthValue, credentialPublicKey, 0, remainingLength);
final Map<String, Object> credentialPublicKeyMap = cborMapper.readValue(credentialPublicKey, new TypeReference<>() {});
if (credentialPublicKeyMap == null) {
throw new Fido2DeserializationException("JSON credentialPublicKey deserialized into null.");
}

final PublicKeyObject publicKeyObject = new PublicKeyObject();
final Integer algorithm = (Integer) credentialPublicKeyMap.get("3");
Expand Down

0 comments on commit 18971f4

Please sign in to comment.