From 1c86273edb63f641064bca3a7d40f425e0da09ec Mon Sep 17 00:00:00 2001 From: Florian Zschocke Date: Tue, 1 Nov 2022 00:50:14 +0100 Subject: [PATCH] authority: Fix null pointer crash for deleted users When a user had a certificate, i.e. an entry in the Gitblit Authority database, but the user was deleted from the Gitblit database, then the Authority application crashes upon loading. This patch prevents the crash. The deleted user is no longer shown in the Authority. But the database entry still is kept. This should be improved to show deleted users and give the possibility to delete them from the Authority's database. This fixes #1359 --- releases.moxie | 3 ++- src/main/java/com/gitblit/authority/GitblitAuthority.java | 6 +++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/releases.moxie b/releases.moxie index 41ad6642..35e4cce4 100644 --- a/releases.moxie +++ b/releases.moxie @@ -11,7 +11,8 @@ r34: { html: ~ text: ~ security: ~ - fixes: ~ + fixes: + - Fix crash in Gitblit Authority when users were deleted from Gitblit but still had entries (certificates) in the Authority. changes: - Minimum Java required increased to Java 8 additions: ~ diff --git a/src/main/java/com/gitblit/authority/GitblitAuthority.java b/src/main/java/com/gitblit/authority/GitblitAuthority.java index 15c23a79..34931bb5 100644 --- a/src/main/java/com/gitblit/authority/GitblitAuthority.java +++ b/src/main/java/com/gitblit/authority/GitblitAuthority.java @@ -299,7 +299,11 @@ public class GitblitAuthority extends JFrame implements X509Log { List list = UserCertificateConfig.KEY.parse(config).list; for (UserCertificateModel ucm : list) { ucm.user = userService.getUserModel(ucm.user.username); - map.put(ucm.user.username, ucm); + // Users may have been deleted, but are still present in authority.conf. + // TODO: Currently this only keeps the app from crashing. It should provide means to show obsolete user entries and delete them. + if (ucm.user != null) { + map.put(ucm.user.username, ucm); + } } } catch (IOException e) { e.printStackTrace(); -- 2.39.5