IBM Support

IV55949: SASL THROWS NPE WHEN USING GSSAPI WITH LOG TRACE ON.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Error Message: When SASL uses GSSAPI with log trace on, SASL
    throws NullPointerException.
    .
    Stack Trace: Caused by: java.lang.NullPointerException
         at
    com.ibm.security.sasl.util.AbstractSaslImpl.traceOutput(Abstract
    SaslImpl.java:260)
         at
    com.ibm.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(Gs
    sKrb5Client.java:179)
         at
    org.apache.hadoop.security.SaslRpcClient.saslEvaluateToken(SaslR
    pcClient.java:474)
         at
    org.apache.hadoop.security.SaslRpcClient.saslConnect(SaslRpcClie
    nt.java:418)
    .
    

Local fix

Problem summary

  • The NPE is caused by a null GSS Token passed to the
    traceOutput() method.
    traceOutput() does not check if the to be traced data is null,
    and tries to get its length.
    

Problem conclusion

  • This APAR will be fixed in the following Java Releases:
       7    SR7       (7.0.7.0)
       6    SR16      (6.0.16.0)
       7 R1 SR1       (7.1.1.0)
       6 R1 SR8       (6.1.8.0)
       5.0  SR16 FP6  (5.0.16.6)
    .
    Check if the to be traced data is null.
    The associated Austin CMVC defect is 115272.
    The associated Hursley CMVC defect is 202090.
    Platform affected: All platforms.
    JVMs affected: 5.0, 6.0, 6.26, 7.0, and 7.27.
    Jars affected: ibmsaslprovider.jar.
    The fix will be available in 150_SR16_FP6, 160_SR15_FP2,
    626_SR8, 170_SR7, and 727_SR1.
    Build level is 20140212.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV55949

  • Reported component name

    JAVA 5 SECURITY

  • Reported component ID

    620500125

  • Reported release

    500

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-02-26

  • Closed date

    2014-02-26

  • Last modified date

    2014-04-30

  • APAR is sysrouted FROM one or more of the following:

    IV55946

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    JAVA 5 SECURITY

  • Fixed component ID

    620500125

Applicable component levels

  • R500 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.0","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
07 December 2020