RANGER-3953: fix potential NPE during policy-engine initialization

Author: mneethiraj

agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerRequestScriptEvaluator.java

@@ -117,25 +117,37 @@ public final class RangerRequestScriptEvaluator {
 
 
 	public static boolean needsJsonCtxEnabled(String script) {
-		Matcher matcher = JSON_VAR_NAMES_PATTERN.matcher(script);
+		boolean ret = false;
+
+		if (script != null) {
+			Matcher matcher = JSON_VAR_NAMES_PATTERN.matcher(script);
 
-		boolean ret = matcher.find();
+			ret = matcher.find();
+		}
 
 		return ret;
 	}
 
 	public static boolean hasUserAttributeReference(String script) {
-		Matcher matcher = USER_ATTRIBUTES_PATTERN.matcher(script);
+		boolean ret = false;
 
-		boolean ret = matcher.find();
+		if (script != null) {
+			Matcher matcher = USER_ATTRIBUTES_PATTERN.matcher(script);
+
+			ret = matcher.find();
+		}
 
 		return ret;
 	}
 
 	public static boolean hasGroupAttributeReference(String script) {
-		Matcher matcher = GROUP_ATTRIBUTES_PATTERN.matcher(script);
+		boolean ret = false;
 
-		boolean ret = matcher.find();
+		if (script != null) {
+			Matcher matcher = GROUP_ATTRIBUTES_PATTERN.matcher(script);
+
+			ret = matcher.find();
+		}
 
 		return ret;
 	}

agents-common/src/main/java/org/apache/ranger/plugin/resourcematcher/RangerURLResourceMatcher.java

@@ -209,14 +209,19 @@ public StringBuilder toString(StringBuilder sb) {
     }
 
     static boolean isPathURLType(String url) {
+        boolean ret = false;
+
+        if (url != null) {
+            Pattern p1 = Pattern.compile(":/{2}");
+            Matcher m1 = p1.matcher(url);
 
-        Pattern p1 = Pattern.compile(":/{2}");
-        Matcher m1 = p1.matcher(url);
+            Pattern p2 = Pattern.compile(":/{3,}");
+            Matcher m2 = p2.matcher(url);
 
-        Pattern p2 = Pattern.compile(":/{3,}");
-        Matcher m2 = p2.matcher(url);
+            ret = (m1.find() && !(m2.find()));
+        }
 
-        return (m1.find() && !(m2.find()));
+        return ret;
     }
 
 

agents-common/src/main/java/org/apache/ranger/plugin/util/MacroProcessor.java

@@ -38,35 +38,36 @@ public MacroProcessor(Map<String, String> macrosMap) {
     }
 
     public String expandMacros(String expr) {
-        StringBuffer ret     = null;
-        Matcher      matcher = macrosPattern.matcher(expr);
+        StringBuffer ret = null;
 
-        while (matcher.find()) {
-            if (ret == null) {
-                ret = new StringBuffer();
-            }
+        if (expr != null) {
+            Matcher matcher = macrosPattern.matcher(expr);
 
-            String keyword  = matcher.group();
-            String replacer = macrosMap.get(keyword);
+            while (matcher.find()) {
+                if (ret == null) {
+                    ret = new StringBuffer();
+                }
 
-            matcher.appendReplacement(ret, replacer);
-        }
+                String keyword  = matcher.group();
+                String replacer = macrosMap.get(keyword);
 
-        if (ret == null) {
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("expandMacros({}): no match found!", expr);
+                matcher.appendReplacement(ret, replacer);
             }
 
-            return expr;
-        } else {
-            matcher.appendTail(ret);
-
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("expandMacros({}): match found. ret={}", expr, ret);
+            if (ret == null) {
+                if (LOG.isDebugEnabled()) {
+                    LOG.debug("expandMacros({}): no match found!", expr);
+                }
+            } else {
+                matcher.appendTail(ret);
+
+                if (LOG.isDebugEnabled()) {
+                    LOG.debug("expandMacros({}): match found. ret={}", expr, ret);
+                }
             }
-
-            return ret.toString();
         }
+
+        return ret != null ? ret.toString() : expr;
     }
 
     private Pattern getMacrosPattern(Map<String, String> macros) {

agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRequestExprResolver.java

@@ -124,56 +124,71 @@ public String resolveExpressions(RangerAccessRequest request) {
     }
 
     public static boolean hasExpressions(String str) {
-        Matcher matcher = PATTERN.matcher(str);
+        boolean ret = false;
+
+        if (str != null) {
+            Matcher matcher = PATTERN.matcher(str);
+
+            ret = matcher.find();
+        }
 
-        return matcher.find();
+        return ret;
     }
 
     public static boolean hasUserAttributeInExpression(String str) {
         boolean ret = false;
-        Matcher matcher = PATTERN.matcher(str);
 
-        while (matcher.find()) {
-            String expr = matcher.group(REGEX_GROUP_EXPR);
+        if (str != null) {
+            Matcher matcher = PATTERN.matcher(str);
 
-            if (RangerRequestScriptEvaluator.hasUserAttributeReference(expr)) {
-                ret = true;
+            while (matcher.find()) {
+                String expr = matcher.group(REGEX_GROUP_EXPR);
 
-                break;
+                if (RangerRequestScriptEvaluator.hasUserAttributeReference(expr)) {
+                    ret = true;
+
+                    break;
+                }
             }
         }
 
         return ret;
     }
 
     public static boolean hasGroupAttributeInExpression(String str) {
-        boolean ret     = false;
-        Matcher matcher = PATTERN.matcher(str);
+        boolean ret = false;
 
-        while (matcher.find()) {
-            String expr = matcher.group(REGEX_GROUP_EXPR);
+        if (str != null) {
+            Matcher matcher = PATTERN.matcher(str);
 
-            if (RangerRequestScriptEvaluator.hasGroupAttributeReference(expr)) {
-                ret = true;
+            while (matcher.find()) {
+                String expr = matcher.group(REGEX_GROUP_EXPR);
+
+                if (RangerRequestScriptEvaluator.hasGroupAttributeReference(expr)) {
+                    ret = true;
 
-                break;
+                    break;
+                }
             }
         }
 
         return ret;
     }
 
     public static boolean hasUserGroupAttributeInExpression(String str) {
-        boolean ret     = false;
-        Matcher matcher = PATTERN.matcher(str);
+        boolean ret = false;
 
-        while (matcher.find()) {
-            String expr = matcher.group(REGEX_GROUP_EXPR);
+        if (str != null) {
+            Matcher matcher = PATTERN.matcher(str);
 
-            if (RangerRequestScriptEvaluator.hasUserGroupAttributeReference(expr)) {
-                ret = true;
+            while (matcher.find()) {
+                String expr = matcher.group(REGEX_GROUP_EXPR);
+
+                if (RangerRequestScriptEvaluator.hasUserGroupAttributeReference(expr)) {
+                    ret = true;
 
-                break;
+                    break;
+                }
             }
         }
 

security-admin/src/main/java/org/apache/ranger/common/StringUtil.java

@@ -150,14 +150,21 @@ public boolean validateEmail(String emailAddress) {
 	}
 
 	public boolean regExPatternMatch(String expression, String inputStr) {
-		Pattern pattern = compiledRegEx.get(expression);
-		if (pattern == null) {
-			pattern = Pattern.compile(expression, Pattern.CASE_INSENSITIVE);
-			compiledRegEx.put(expression, pattern);
+		boolean ret = false;
+
+		if (expression != null && inputStr != null) {
+			Pattern pattern = compiledRegEx.get(expression);
+
+			if (pattern == null) {
+				pattern = Pattern.compile(expression, Pattern.CASE_INSENSITIVE);
+				compiledRegEx.put(expression, pattern);
+			}
+
+			Matcher matcher = pattern.matcher(inputStr);
+			ret = matcher.matches();
 		}
 
-		Matcher matcher = pattern.matcher(inputStr);
-		return matcher.matches();
+		return ret;
 	}
 
 	public boolean validateString(String regExStr, String str) {
@@ -205,7 +212,7 @@ public static String trim(String str) {
 	}
 
 	/**
-	 * @param firstName
+	 * @param name
 	 * @return
 	 */
 	public boolean isValidName(String name) {