JDK-8163104 : Unexpected NPE still possible on some Kerberos ticket calls
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.security
  • Affected Version: 9
  • Priority: P4
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2016-08-03
  • Updated: 2020-02-26
  • Resolved: 2016-08-10
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 8 JDK 9 Other
8u152Fixed 9 b132Fixed openjdk7uFixed
Related Reports
Relates :  
JDK-8147772 - Update KerberosTicket to describe behavior if it has been destroyed and fix NullPointerExceptions
Description
JDK-8147772 fixed up most NPE issues for KerberosTickets. Howerver, I think there are still some corner cases. Here's one example : 
src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java#238
Comments
Dev engineer has suggested that methods like Krb5InitCredential::getInitLifeTime should return 0 if null pointer is encountered (ticket destroyed scenario). if code is calling this method without checking isDestroyed() first, this will convince end user that the ticket is no longer usable. There are a few other related calls that need tightening also
03-08-2016