Null Pointer when receiving an invalid transport type during SockJS request [SPR-13545]

[spring-projects-issues]

Ben Kiefer opened SPR-13545 and commented

Our endpoint fuzzer was able to produce a 500 error due to a nullpointer in the TransportHandlingSockJsService. The following lines were the problem

protected boolean validateRequest(String serverId, String sessionId, String transport) {
		if (!getAllowedOrigins().contains("*") && !TransportType.fromValue(transport).supportsOrigin()) {
			if (logger.isWarnEnabled()) {
				logger.warn("Origin check has been enabled, but transport " + transport + " does not support it");
			}
			return false;
		}
		return super.validateRequest(serverId, sessionId, transport);

The nullpointer occurs when the transport is an unknown value (ex: bob) as the fromValue returns null when the type is not found.

---

Affects: 4.1.7, 4.2.1

Reference URL: #882

Referenced from: commits 8429c4b, 966f95b

Backported to: 4.1.8

[spring-projects-issues]

Juergen Hoeller commented

Good catch! Addressed in a slight different fashion, since the super.validateRequest should actually go first there anyway (catching a missing transport value), plus a few other refinements across that class. I'll backport all of those to 4.1.8 as well.

Juergen