修复代码审计可能空指针异常

dd326000 · 邝钲钞 · 2b6eee9c · dd326000 · dd326000 · dd326000
Commit dd326000 authored Jun 24, 2021 by 邝钲钞
4 changed files
--- a/core-service/src/main/java/com/winsun/item/config/web/ShiroConfig.java
+++ b/core-service/src/main/java/com/winsun/item/config/web/ShiroConfig.java
@@ -109,19 +109,17 @@ public class ShiroConfig {
    @Bean
    public CookieRememberMeManager rememberMeManager(SimpleCookie rememberMeCookie) {
-        KeyGenerator keygen = null;
        try {
-            keygen = KeyGenerator.getInstance("AES");
+            KeyGenerator keygen = KeyGenerator.getInstance("AES");
-        } catch (NoSuchAlgorithmException e) {
-            e.printStackTrace();
-        }
            SecretKey deskey = keygen.generateKey();
-        System.out.println(">>>>"+Base64.encodeToString(deskey.getEncoded()));
            CookieRememberMeManager manager = new CookieRememberMeManager();
            manager.setCipherKey(Base64.decode(deskey.getEncoded()));
            manager.setCookie(rememberMeCookie);
            return manager;
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+            return null;
+        }
    }
    @Bean

--- a/core-service/src/test/java/com/winsun/user/UserTestHelper.java
+++ b/core-service/src/test/java/com/winsun/user/UserTestHelper.java
@@ -28,8 +28,8 @@ public class UserTestHelper extends AppApplicationBaseIT {
 //        // 证明MD5无法解密
 //        ResponseData<String> pwdDecrypt = LoginUtils.pwdDecrypt(user.getPassword());
 //        log.info("{}", pwdDecrypt.getData());
+//
-        String orderSeq = RandomUtil.RandomNumber(32);
+//        String orderSeq = RandomUtil.RandomNumber(32);
-        System.out.println(orderSeq);
+//        System.out.println(orderSeq);
    }
 }
--- a/migration/src/main/java/com/winsun/item/config/web/ShiroConfig.java
+++ b/migration/src/main/java/com/winsun/item/config/web/ShiroConfig.java
@@ -109,19 +109,17 @@ public class ShiroConfig {
    @Bean
    public CookieRememberMeManager rememberMeManager(SimpleCookie rememberMeCookie) {
-        KeyGenerator keygen = null;
        try {
-            keygen = KeyGenerator.getInstance("AES");
+            KeyGenerator keygen = KeyGenerator.getInstance("AES");
-        } catch (NoSuchAlgorithmException e) {
-            e.printStackTrace();
-        }
            SecretKey deskey = keygen.generateKey();
-        //System.out.println(">>>>"+Base64.encodeToString(deskey.getEncoded()));
            CookieRememberMeManager manager = new CookieRememberMeManager();
            manager.setCipherKey(Base64.decode(deskey.getEncoded()));
            manager.setCookie(rememberMeCookie);
            return manager;
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+            return null;
+        }
    }
    @Bean

--- a/service-manager/src/main/java/com/winsun/item/config/web/ShiroConfig.java
+++ b/service-manager/src/main/java/com/winsun/item/config/web/ShiroConfig.java
@@ -109,19 +109,17 @@ public class ShiroConfig {
    @Bean
    public CookieRememberMeManager rememberMeManager(SimpleCookie rememberMeCookie) {
-        KeyGenerator keygen = null;
        try {
-            keygen = KeyGenerator.getInstance("AES");
+            KeyGenerator keygen = KeyGenerator.getInstance("AES");
-        } catch (NoSuchAlgorithmException e) {
-            e.printStackTrace();
-        }
            SecretKey deskey = keygen.generateKey();
-        //System.out.println(">>>>"+Base64.encodeToString(deskey.getEncoded()));
            CookieRememberMeManager manager = new CookieRememberMeManager();
            manager.setCipherKey(Base64.decode(deskey.getEncoded()));
            manager.setCookie(rememberMeCookie);
            return manager;
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+            return null;
+        }
    }
    @Bean