首页 发现 帮助
注册 登录
coolbeer
/
cryptomator
镜像自地址 https://github.com/cryptomator/cryptomator.git
1
0
派生 0
文件 工单管理 0 Wiki
浏览代码

json parsing exception handling, see Coverity issues 72297, 72296, 72295

Sebastian Stenzel 9 年之前
父节点
edf92adfec
当前提交
d5b4fb4fe9
共有 2 个文件被更改,包括 9 次插入0 次删除
分列视图 显示文件统计
  1. 5 0
      main/filesystem-crypto/src/main/java/org/cryptomator/crypto/engine/impl/CryptorImpl.java
  2. 4 0
      main/ui/src/main/java/org/cryptomator/ui/model/VaultObjectMapperProvider.java

+ 5 - 0
main/filesystem-crypto/src/main/java/org/cryptomator/crypto/engine/impl/CryptorImpl.java
查看文件 

@@ -35,6 +35,7 @@ import org.cryptomator.crypto.engine.UnsupportedVaultFormatException;
 
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 
+import com.fasterxml.jackson.databind.exc.InvalidFormatException;
 
 
 class CryptorImpl implements Cryptor {
 
 
@@ -99,9 +100,13 @@ class CryptorImpl implements Cryptor {
 
 		try {
 
 			final ObjectMapper om = new ObjectMapper();
 
 			keyFile = om.readValue(masterkeyFileContents, KeyFile.class);
 
+			if (keyFile == null) {
 
+				throw new InvalidFormatException("Could not read masterkey file", keyFile, KeyFile.class);
 
+			}
 
 		} catch (IOException e) {
 
 			throw new IllegalArgumentException("Unable to parse masterkeyFileContents", e);
 
 		}
 
+		assert keyFile != null;
 
 
 		// check version
 
 		if (keyFile.getVersion() != CURRENT_VAULT_VERSION || ArrayUtils.isEmpty(keyFile.getVersionMac())) {

+ 4 - 0
main/ui/src/main/java/org/cryptomator/ui/model/VaultObjectMapperProvider.java
查看文件 

@@ -27,6 +27,7 @@ import com.fasterxml.jackson.databind.JsonNode;
 
 import com.fasterxml.jackson.databind.JsonSerializer;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import com.fasterxml.jackson.databind.SerializerProvider;
 
+import com.fasterxml.jackson.databind.exc.InvalidFormatException;
 
 import com.fasterxml.jackson.databind.module.SimpleModule;
 
 
 @Singleton
 
@@ -70,6 +71,9 @@ public class VaultObjectMapperProvider implements Provider<ObjectMapper> {
 
 		@Override
 
 		public Vault deserialize(JsonParser jp, DeserializationContext ctxt) throws IOException, JsonProcessingException {
 
 			final JsonNode node = jp.readValueAsTree();
 
+			if (node == null || !node.has("path")) {
 
+				throw new InvalidFormatException("Node is null or doesn't contain a path.", node, Vault.class);
 
+			}
 
 			final String pathStr = node.get("path").asText();
 
 			final Path path = FileSystems.getDefault().getPath(pathStr);
 
 			final Vault vault = vaultFactoy.createVault(path);