From d5b4fb4fe9738f49689a3b0e63cbff4380da528e Mon Sep 17 00:00:00 2001
From: Sebastian Stenzel <sebastian.stenzel@gmail.com>
Date: Fri, 4 Mar 2016 01:20:38 +0100
Subject: [PATCH] json parsing exception handling, see Coverity issues 72297,
 72296, 72295

---
 .../java/org/cryptomator/crypto/engine/impl/CryptorImpl.java | 5 +++++
 .../org/cryptomator/ui/model/VaultObjectMapperProvider.java  | 4 ++++
 2 files changed, 9 insertions(+)

diff --git a/main/filesystem-crypto/src/main/java/org/cryptomator/crypto/engine/impl/CryptorImpl.java b/main/filesystem-crypto/src/main/java/org/cryptomator/crypto/engine/impl/CryptorImpl.java
index 8d485c15c..30d6ff8f8 100644
--- a/main/filesystem-crypto/src/main/java/org/cryptomator/crypto/engine/impl/CryptorImpl.java
+++ b/main/filesystem-crypto/src/main/java/org/cryptomator/crypto/engine/impl/CryptorImpl.java
@@ -35,6 +35,7 @@ import org.cryptomator.crypto.engine.UnsupportedVaultFormatException;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.exc.InvalidFormatException;
 
 class CryptorImpl implements Cryptor {
 
@@ -99,9 +100,13 @@ class CryptorImpl implements Cryptor {
 		try {
 			final ObjectMapper om = new ObjectMapper();
 			keyFile = om.readValue(masterkeyFileContents, KeyFile.class);
+			if (keyFile == null) {
+				throw new InvalidFormatException("Could not read masterkey file", keyFile, KeyFile.class);
+			}
 		} catch (IOException e) {
 			throw new IllegalArgumentException("Unable to parse masterkeyFileContents", e);
 		}
+		assert keyFile != null;
 
 		// check version
 		if (keyFile.getVersion() != CURRENT_VAULT_VERSION || ArrayUtils.isEmpty(keyFile.getVersionMac())) {
diff --git a/main/ui/src/main/java/org/cryptomator/ui/model/VaultObjectMapperProvider.java b/main/ui/src/main/java/org/cryptomator/ui/model/VaultObjectMapperProvider.java
index 61e2e1830..0f0151ee8 100644
--- a/main/ui/src/main/java/org/cryptomator/ui/model/VaultObjectMapperProvider.java
+++ b/main/ui/src/main/java/org/cryptomator/ui/model/VaultObjectMapperProvider.java
@@ -27,6 +27,7 @@ import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.JsonSerializer;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.exc.InvalidFormatException;
 import com.fasterxml.jackson.databind.module.SimpleModule;
 
 @Singleton
@@ -70,6 +71,9 @@ public class VaultObjectMapperProvider implements Provider<ObjectMapper> {
 		@Override
 		public Vault deserialize(JsonParser jp, DeserializationContext ctxt) throws IOException, JsonProcessingException {
 			final JsonNode node = jp.readValueAsTree();
+			if (node == null || !node.has("path")) {
+				throw new InvalidFormatException("Node is null or doesn't contain a path.", node, Vault.class);
+			}
 			final String pathStr = node.get("path").asText();
 			final Path path = FileSystems.getDefault().getPath(pathStr);
 			final Vault vault = vaultFactoy.createVault(path);