The call to Utils.getPeersHome() is not entirely robust.
In case of exceptions (i.e. no permission), the method should also return the empty string, as is intended, not throw an exception.
Thanks for those patches. I think it's not meaningless to improve security in peers, but I think a complete review of peers source code would be necessary. I think about security restrictions on network API, etc., and there are probably many places where security flaws may hide...
Actually, it would be great to have a document which gives configuration file examples for security.
Well, this particular one is more about consistent behaviour than security.
Clearly, the intent of the method is to return an empty string when it cannot find the property. Also returning exceptions just confuses things.