Fix parameter validation in ApplicationDescriptorDTO, IsolatedClassLoader, and ServiceRegistryImpl

Flossy · claude · Scot P. Floess · commit 2225fd3ff3da · 2026-05-24T03:54:27.000-04:00
Issue #81: ApplicationDescriptorDTO permission conversion doesn't validate null fields - Location: toSecurityConfig() method - Problem: Created Permission objects without validating DTO fields are non-null - Fix: Added validation for path, host, actions, and permission names - Impact: Clear error messages instead of NPE when config has null values Issue #80: IsolatedClassLoader.create() doesn't validate parameters - Location: static factory method create() - Problem: No validation of applicationId, descriptor, or platformSharedLoader - Fix: Added Objects.requireNonNull() for all three parameters - Impact: Fails fast with clear message instead of NPE deep in factory method Issue #79: ServiceRegistryImpl methods don't validate parameters - Location: getService(), getAllServices(), unregisterService() - Problem: JavaDoc claimed NPE would be thrown but no validation present - Fix: Added Objects.requireNonNull() for all parameters - Impact: Contract fulfilled, clearer error messages All fixes follow defensive programming pattern: - Validate early (fail fast) - Clear error messages indicating which parameter was null - Consistent with existing validation patterns in codebase Fixes: #81, #80, #79 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
diff --git a/jplatform-classloader/src/main/java/org/flossware/jplatform/classloader/IsolatedClassLoader.java b/jplatform-classloader/src/main/java/org/flossware/jplatform/classloader/IsolatedClassLoader.java
@@ -8,6 +8,7 @@
 import java.io.File;
 import java.net.URI;
 import java.util.Map;
+import java.util.Objects;
 
 /**
  * Platform-specific class loader for isolated application execution.
@@ -43,6 +44,9 @@ private IsolatedClassLoader(String applicationId,
     public static IsolatedClassLoader create(String applicationId,
                                              ApplicationDescriptor descriptor,
                                              ClassLoader platformSharedLoader) {
+        Objects.requireNonNull(applicationId, "applicationId cannot be null");
+        Objects.requireNonNull(descriptor, "descriptor cannot be null");
+        Objects.requireNonNull(platformSharedLoader, "platformSharedLoader cannot be null");
 
         ResourceTrackingListener tracker = new ResourceTrackingListener();
 
diff --git a/jplatform-config/src/main/java/org/flossware/jplatform/config/ApplicationDescriptorDTO.java b/jplatform-config/src/main/java/org/flossware/jplatform/config/ApplicationDescriptorDTO.java
@@ -200,18 +200,33 @@ public SecurityConfig toSecurityConfig() {
 
             if (filePermissions != null) {
                 for (FilePermissionDTO fp : filePermissions) {
+                    if (fp.path == null || fp.path.trim().isEmpty()) {
+                        throw new IllegalArgumentException("File permission path cannot be null or empty");
+                    }
+                    if (fp.actions == null || fp.actions.trim().isEmpty()) {
+                        throw new IllegalArgumentException("File permission actions cannot be null or empty");
+                    }
                     builder.addFilePermission(new FilePermission(fp.path, fp.actions));
                 }
             }
 
             if (socketPermissions != null) {
                 for (SocketPermissionDTO sp : socketPermissions) {
+                    if (sp.host == null || sp.host.trim().isEmpty()) {
+                        throw new IllegalArgumentException("Socket permission host cannot be null or empty");
+                    }
+                    if (sp.actions == null || sp.actions.trim().isEmpty()) {
+                        throw new IllegalArgumentException("Socket permission actions cannot be null or empty");
+                    }
                     builder.addSocketPermission(new SocketPermission(sp.host, sp.actions));
                 }
             }
 
             if (runtimePermissions != null) {
                 for (String rp : runtimePermissions) {
+                    if (rp == null || rp.trim().isEmpty()) {
+                        throw new IllegalArgumentException("Runtime permission name cannot be null or empty");
+                    }
                     builder.addRuntimePermission(new RuntimePermission(rp));
                 }
             }
diff --git a/jplatform-messaging/src/main/java/org/flossware/jplatform/messaging/ServiceRegistryImpl.java b/jplatform-messaging/src/main/java/org/flossware/jplatform/messaging/ServiceRegistryImpl.java
@@ -101,6 +101,8 @@ public <T> void registerService(Class<T> serviceInterface, T implementation) {
      */
     @Override
     public <T> Optional<T> getService(Class<T> serviceInterface) {
+        Objects.requireNonNull(serviceInterface, "serviceInterface cannot be null");
+
         List<ServiceEntry> entries = services.get(serviceInterface);
 
         if (entries == null || entries.isEmpty()) {
@@ -125,6 +127,8 @@ public <T> Optional<T> getService(Class<T> serviceInterface) {
      */
     @Override
     public <T> List<T> getAllServices(Class<T> serviceInterface) {
+        Objects.requireNonNull(serviceInterface, "serviceInterface cannot be null");
+
         List<ServiceEntry> entries = services.get(serviceInterface);
 
         if (entries == null || entries.isEmpty()) {
@@ -154,6 +158,9 @@ public <T> List<T> getAllServices(Class<T> serviceInterface) {
      */
     @Override
     public void unregisterService(Class<?> serviceInterface, Object implementation) {
+        Objects.requireNonNull(serviceInterface, "serviceInterface cannot be null");
+        Objects.requireNonNull(implementation, "implementation cannot be null");
+
         List<ServiceEntry> entries = services.get(serviceInterface);
 
         if (entries != null) {

Original file line number	Diff line number	Diff line change
`@@ -200,18 +200,33 @@ public SecurityConfig toSecurityConfig() {`
`200`	`200`
`201`	`201`	`if (filePermissions != null) {`
`202`	`202`	`for (FilePermissionDTO fp : filePermissions) {`
	`203`	`+ if (fp.path == null \|\| fp.path.trim().isEmpty()) {`
	`204`	`+ throw new IllegalArgumentException("File permission path cannot be null or empty");`
	`205`	`+ }`
	`206`	`+ if (fp.actions == null \|\| fp.actions.trim().isEmpty()) {`
	`207`	`+ throw new IllegalArgumentException("File permission actions cannot be null or empty");`
	`208`	`+ }`
`203`	`209`	`builder.addFilePermission(new FilePermission(fp.path, fp.actions));`
`204`	`210`	`}`
`205`	`211`	`}`
`206`	`212`
`207`	`213`	`if (socketPermissions != null) {`
`208`	`214`	`for (SocketPermissionDTO sp : socketPermissions) {`
	`215`	`+ if (sp.host == null \|\| sp.host.trim().isEmpty()) {`
	`216`	`+ throw new IllegalArgumentException("Socket permission host cannot be null or empty");`
	`217`	`+ }`
	`218`	`+ if (sp.actions == null \|\| sp.actions.trim().isEmpty()) {`
	`219`	`+ throw new IllegalArgumentException("Socket permission actions cannot be null or empty");`
	`220`	`+ }`
`209`	`221`	`builder.addSocketPermission(new SocketPermission(sp.host, sp.actions));`
`210`	`222`	`}`
`211`	`223`	`}`
`212`	`224`
`213`	`225`	`if (runtimePermissions != null) {`
`214`	`226`	`for (String rp : runtimePermissions) {`
	`227`	`+ if (rp == null \|\| rp.trim().isEmpty()) {`
	`228`	`+ throw new IllegalArgumentException("Runtime permission name cannot be null or empty");`
	`229`	`+ }`
`215`	`230`	`builder.addRuntimePermission(new RuntimePermission(rp));`
`216`	`231`	`}`
`217`	`232`	`}`