Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Cosmetic
-
Resolution: Fixed
-
Affects Version/s: EJBCA 7.1.0
-
Fix Version/s: EJBCA 7.4.3
-
Component/s: None
-
Labels:
-
Issue discovered during:Review
Description
org.cesecore.certificates.crl.CRLData.crlExistsForCa(EntityManager, String) JavaDoc is incorrect.
The method
/** * @return true if at least one CRL exists for the given CA. */ public static boolean crlExistsForCa(final EntityManager entityManager, final String issuerDn) { final Query query = entityManager .createQuery("SELECT a.crlNumber FROM CRLData a WHERE a.issuerDN=:issuerDN"); query.setParameter("issuerDN", issuerDn); return QueryResultWrapper.getSingleResult(query) != null; }
is lacking a query.setMaxResults(1); and will throw a javax.persistence.NonUniqueResultException if there is more than one CRL present for the issuer (even full+delta or partitions).
Since it is currently only used to check for an illegal state from org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean.renewCAInternal(AuthenticationToken, int, String, Date, boolean, String) there is no real impact, but future use of this API could fail worse.