From 268bde77fa1196a742565202783d5071afa833bf Mon Sep 17 00:00:00 2001 From: Robert Varga Date: Tue, 21 May 2019 13:27:02 +0200 Subject: [PATCH] Fix unsafe global config access Current global config is a volatile variable, hence it must be acquired into a local variable for proper nullness checks -- otherwise it is open to TOCTOU race conditions leading to NPEs. Change-Id: I9316b3ed976575726da7a065668c507e15fe0ddf Signed-off-by: Robert Varga --- .../callhome/mount/CallHomeAuthProviderImpl.java | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeAuthProviderImpl.java b/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeAuthProviderImpl.java index f6af5e41f8..840dca1ffd 100644 --- a/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeAuthProviderImpl.java +++ b/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeAuthProviderImpl.java @@ -236,7 +236,6 @@ public class CallHomeAuthProviderImpl implements CallHomeAuthorizationProvider, } private static class GlobalConfig implements DataTreeChangeListener { - private volatile Global current = null; @Override @@ -247,15 +246,14 @@ public class CallHomeAuthProviderImpl implements CallHomeAuthorizationProvider, } boolean allowedUnknownKeys() { - if (current == null) { - return false; - } + final Global local = current; // Deal with null values. - return Boolean.TRUE.equals(current.isAcceptAllSshKeys()); + return local != null && Boolean.TRUE.equals(local.isAcceptAllSshKeys()); } Credentials getCredentials() { - return current != null ? current.getCredentials() : null; + final Global local = current; + return local != null ? local.getCredentials() : null; } } } -- 2.36.6