From 803d4171bf24e82612c526d65de77aa580c8a62f Mon Sep 17 00:00:00 2001
From: Florian Zschocke <f.zschocke+git@gmail.com>
Date: Sat, 4 Apr 2020 19:43:35 +0200
Subject: Delete password from memory in AuthenticationManager

Zero out the password to remove it from memory after use.
This is only a first step, implementing it for one method:
`AuthenticationManager.authenticate(String, char[], String)`.
---
 src/test/java/com/gitblit/tests/StringUtilsTest.java | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

(limited to 'src/test/java/com/gitblit/tests/StringUtilsTest.java')

diff --git a/src/test/java/com/gitblit/tests/StringUtilsTest.java b/src/test/java/com/gitblit/tests/StringUtilsTest.java
index 7176b88c..3dae66f4 100644
--- a/src/test/java/com/gitblit/tests/StringUtilsTest.java
+++ b/src/test/java/com/gitblit/tests/StringUtilsTest.java
@@ -26,12 +26,25 @@ public class StringUtilsTest extends GitblitUnitTest {
 
 	@Test
 	public void testIsEmpty() throws Exception {
-		assertTrue(StringUtils.isEmpty(null));
+		assertTrue(StringUtils.isEmpty((String)null));
 		assertTrue(StringUtils.isEmpty(""));
 		assertTrue(StringUtils.isEmpty("  "));
 		assertFalse(StringUtils.isEmpty("A"));
 	}
 
+	@Test
+	public void testIsEmptyCharArray() throws Exception {
+		assertTrue(StringUtils.isEmpty((char[])null));
+		assertTrue(StringUtils.isEmpty(new char[0]));
+		assertTrue(StringUtils.isEmpty(new char[]{ ' ' }));
+		assertTrue(StringUtils.isEmpty(new char[]{ '	'}));
+		assertTrue(StringUtils.isEmpty(new char[]{ ' ', ' ' }));
+		assertTrue(StringUtils.isEmpty(new char[]{ '	',  ' ', '	' }));
+		assertFalse(StringUtils.isEmpty(new char[]{ '\u0020', 'f' }));
+		assertFalse(StringUtils.isEmpty(new char[]{ '\u0148', '\u0020' }));
+		assertFalse(StringUtils.isEmpty(new char[]{ 'A' }));
+	}
+
 	@Test
 	public void testBreakLinesForHtml() throws Exception {
 		String input = "this\nis\r\na\rtest\r\n\r\nof\n\nline\r\rbreaking";
-- 
cgit v1.2.3