Request for phase 2 approval for CR 7099399 - cannot deal with CRL file larger than 16MB
Edvard Wendelin
edvard.wendelin at oracle.com
Tue Oct 18 13:56:45 PDT 2011
Approved.
Cheers,
Edvard
On 17 okt 2011, at 03.25, Weijun Wang wrote:
> Hi All
>
> This is a request to backport a jdk8 fix into jdk7u2 phase 2.
>
> 7099399: cannot deal with CRL file larger than 16MB
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7099399
>
> Description:
>
> This is a regression in JDK 7. When a CRL is bigger than 16M (2^24),
> the X.509 CertificateFactory cannot load it. For example, DoD has a
> CRL of 33MB.
>
> The fix is already included in jdk8 as:
>
> http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6cb07b35acf5
>
> reviewed by Sean Mullan (the component lead) and Xuelei Fan at
>
> http://mail.openjdk.java.net/pipermail/security-dev/2011-October/thread.html#3888
>
> The fix is trivial and adds a new block to parse a CRL up to the
> size of 2^31 (2GB) bytes. A new regression test is added. I've also
> used JPRT to run other jdk regression tests on all supported
> platforms.
>
> Change for jdk7u is identical to that of jdk8.
>
> I intend to push it to
>
> ssh://hg.openjdk.java.net/jdk7u/jdk7u2-dev-gate/jdk
>
> Thanks
> Weijun
More information about the jdk7u-dev
mailing list