From bb79224f6b59d71098863ada728623bd728df6ff Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Mon, 23 Sep 2013 10:53:27 -0400
Subject: [PATCH] Fix potential NPE in cookie retrieval

---
 src/main/java/com/gitblit/ConfigUserService.java |    9 +++++++++
 1 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/src/main/java/com/gitblit/ConfigUserService.java b/src/main/java/com/gitblit/ConfigUserService.java
index 8a6c92f..2475b9a 100644
--- a/src/main/java/com/gitblit/ConfigUserService.java
+++ b/src/main/java/com/gitblit/ConfigUserService.java
@@ -188,6 +188,9 @@
 		}
 		read();
 		UserModel storedModel = users.get(model.username.toLowerCase());
+		if (storedModel == null) {
+			return null;
+		}
 		return storedModel.cookie;
 	}
 
@@ -208,6 +211,12 @@
 		if (cookies.containsKey(hash)) {
 			model = cookies.get(hash);
 		}
+		
+		if (model != null) {
+			// clone the model, otherwise all changes to this object are
+			// live and unpersisted
+			model = DeepCopier.copy(model);
+		}
 		return model;
 	}
 

--
Gitblit v1.9.1