From 1dbd3f5906bbd9d09f8d8abb248144e1f1017e52 Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Tue, 19 Apr 2016 13:58:56 -0500 Subject: [PATCH] Fix NPE in OnCommittedResponseWrapper trackContentLength (#3824) OnCommittedResponseWrapper trackContentLength will throw a NullPointerException when the content length passed in is null. This commit properly tracks the null value as a length of 4. Fixes gh-3823 --- .../web/util/OnCommittedResponseWrapper.java | 3 ++- .../web/util/OnCommittedResponseWrapperTests.java | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java b/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java index 14b454816a..61cbc99a78 100644 --- a/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java +++ b/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java @@ -194,7 +194,8 @@ public abstract class OnCommittedResponseWrapper extends HttpServletResponseWrap } private void trackContentLength(String content) { - checkContentLength(content.length()); + int contentLength = content == null ? 4 : content.length(); + checkContentLength(contentLength); } /** diff --git a/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java b/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java index 130d9cb814..e53cfbe4fa 100644 --- a/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java +++ b/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java @@ -545,6 +545,21 @@ public class OnCommittedResponseWrapperTests { // The amount of content specified in the setContentLength method of the response // has been greater than zero and has been written to the response. + // gh-3823 + @Test + public void contentLengthPrintWriterWriteNullCommits() throws Exception { + String expected = null; + this.response.setContentLength(String.valueOf(expected).length() + 1); + + this.response.getWriter().write(expected); + + assertThat(this.committed).isFalse(); + + this.response.getWriter().write("a"); + + assertThat(this.committed).isTrue(); + } + @Test public void contentLengthPrintWriterWriteIntCommits() throws Exception { int expected = 1;