Skip to content

Validate inputs in OAuthBearerSetToken #2444

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Validate inputs in OAuthBearerSetToken #2444

wants to merge 2 commits into from

Conversation

@danwkennedy
Copy link

@danwkennedy danwkennedy commented Apr 2, 2025

What

The documentation for OAuthBearerSetToken notes that tokenValue and principalName are required parameters but doesn't check them for null values. As seen in this issue, if principalName is null, the underlying library call will segfault (and do so silently in a Docker/Kubernetes environment. To keep from segfaulting, we can simply check those values for null and throw accordingly.

Checklist

  • Contains customer facing changes? Including API/behavior changes
  • Did you add sufficient unit test and/or integration test coverage for this PR?
    • If not, please explain why it is not required

References

Issue: #2158

Test & Review

Open questions / Follow-ups

Copilot AI review requested due to automatic review settings April 2, 2025 18:18
@danwkennedy danwkennedy requested review from a team as code owners April 2, 2025 18:18
Copilot AI reviewed Apr 2, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces null checks for the required parameters of OAuthBearerSetToken to prevent a segmentation fault when invalid arguments are provided.

  • Adds checks to ensure tokenValue and principalName are not null.
  • Throws an ArgumentNullException if either parameter is null.

Tip: Copilot code review supports C#, Go, Java, JavaScript, Markdown, Python, Ruby and TypeScript, with more languages coming soon. Learn more

@danwkennedy danwkennedy mentioned this pull request Apr 2, 2025
Open
8 tasks
@rayokota
Copy link
Member

rayokota commented Apr 4, 2025

/sem-approve

@rayokota
Copy link
Member

rayokota commented Apr 4, 2025

/sem-approve

Havret
Havret suggested changes May 7, 2025
View reviewed changes
Copy link
Contributor

@Havret Havret left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's would be nice to have a test for that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@Havret Havret Havret requested changes

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@danwkennedy @rayokota @Havret