DirectConnection.listen() NPE in SASL.doResponse with sd-bus peer #294

@Monkopedia

DirectConnection.listen() crashes with NPE in SASL.doResponse when peer is sd-bus

Summary

dbus-java server-side direct bus listener crashes with:

java.lang.NullPointerException
  at java.text.RuleBasedCollator.compare
  at org.freedesktop.dbus.connections.SASL.doResponse(SASL.java:369)

when the connecting peer is native sd-bus (C/libsystemd).

This looks like a null-handling bug in SASL response processing for AUTH EXTERNAL.

Environment

  • dbus-java-core: 5.1.1
  • dbus-java-transport-junixsocket: 5.1.1
  • Java: 21.0.10
  • OS: Linux x86_64 (6.18.7-arch1-1)
  • Native peer: libsystemd 259

Minimal Reproducer

I created a standalone repro with:

  • Java server: DirectConnectionBuilder.forAddress("unix:path=...,listen=true").build(); connection.listen();
  • C client using sd-bus:
    • sd_bus_new
    • sd_bus_set_address("unix:path=...")
    • sd_bus_start

Run:

./repro/dbus-java-sasl-npe/run-repro.sh

Repro files:

  • repro/dbus-java-sasl-npe/server/src/main/java/repro/DbusJavaServer.java
  • repro/dbus-java-sasl-npe/client/sd_bus_client.c
  • repro/dbus-java-sasl-npe/run-repro.sh

Actual Result

Server exits with:

Exception in thread "main" java.lang.NullPointerException
    at java.base/java.text.RuleBasedCollator.compare(RuleBasedCollator.java:359)
    at org.freedesktop.dbus.connections.SASL.doResponse(SASL.java:369)
    at org.freedesktop.dbus.connections.SASL.auth(SASL.java:625)
    at org.freedesktop.dbus.connections.transports.AbstractTransport.authenticate(AbstractTransport.java:254)
    at org.freedesktop.dbus.connections.transports.AbstractTransport.internalConnect(AbstractTransport.java:230)
    at org.freedesktop.dbus.connections.transports.AbstractTransport.listen(AbstractTransport.java:215)
    at org.freedesktop.dbus.connections.impl.DirectConnection.listen(DirectConnection.java:66)
    at repro.DbusJavaServer.main(DbusJavaServer.java:47)

Expected Result

DirectConnection.listen() should not crash; it should either authenticate successfully or reject auth without throwing NPE.

Notes

In the D-Bus auth protocol, AUTH initial response is optional. A missing initial payload should be handled safely:
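
One way a server can treat an absent initial response, as an added example that is not part of the original issue and is not dbus-java's code. The class `ExternalAuthExample`, its methods, the `Reply` enum and the sample uid are hypothetical; the `AUTH` and `DATA` command names and the hex-encoded uid follow the D-Bus specification, and the peer uid is assumed to come from the socket's credentials.

```java
import java.nio.charset.StandardCharsets;
import java.util.HexFormat;

/** Hypothetical server-side handling of AUTH EXTERNAL; not dbus-java code. */
public class ExternalAuthExample {

    enum Reply { OK, DATA_CHALLENGE, REJECTED }

    /** @param line    one received line with CRLF already stripped
     *  @param peerUid uid reported for the socket peer (assumed: from SO_PEERCRED) */
    static Reply handle(String line, long peerUid) {
        String[] parts = line.trim().split(" +");
        switch (parts[0]) {
            case "AUTH":
                if (parts.length < 2 || !"EXTERNAL".equals(parts[1])) {
                    return Reply.REJECTED;        // no mechanism, or one we do not support
                }
                if (parts.length < 3) {
                    return Reply.DATA_CHALLENGE;  // initial response omitted: ask for it
                }
                return checkIdentity(parts[2], peerUid);
            case "DATA":
                // Simplification: a full state machine accepts DATA only after a challenge.
                return checkIdentity(parts.length > 1 ? parts[1] : "", peerUid);
            default:
                return Reply.REJECTED;
        }
    }

    /** Never receives null: callers substitute "" for a missing payload. */
    static Reply checkIdentity(String hex, long peerUid) {
        if (hex.isEmpty()) {
            return Reply.OK;                      // empty identity: use the socket credentials
        }
        try {
            String claimed = new String(HexFormat.of().parseHex(hex), StandardCharsets.US_ASCII);
            return Long.parseLong(claimed) == peerUid ? Reply.OK : Reply.REJECTED;
        } catch (IllegalArgumentException e) {    // malformed hex or non-numeric uid
            return Reply.REJECTED;
        }
    }

    public static void main(String[] args) {
        long uid = 1000;                          // constructed sample peer uid
        for (String l : new String[] {"AUTH EXTERNAL 31303030", "AUTH EXTERNAL", "DATA", "AUTH EXTERNAL 30", "AUTH"}) {
            System.out.println(l + " -> " + handle(l, uid));
        }
    }
}
```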
