[security-dev 00804]: what does a null OID mean here?
Weijun Wang
Weijun.Wang at Sun.COM
Wed May 6 08:37:32 UTC 2009
In src/share/classes/sun/security/x509/GeneralSubtrees.java
243 private GeneralSubtree createWidestSubtree(
GeneralNameInterface name) {
244 try {
245 GeneralName newName;
246 switch (name.getType()) {
....
274 case GeneralNameInterface.NAME_OID:
275 newName = new GeneralName
276 (new OIDName(new ObjectIdentifier(
(int[])null)));
277 break;
Here, "new ObjectIdentifier((int[])null)" will throw an NPE with my new
OID implementation.
I'd like to update line 276 to a simple 'new OIDName(null)', this means
the oid field in OIDName can be null, so a series of code updates in
OIDName should be made to allow it. Especially, I need to update the
equals(*) method there.
Is this enough? I think OIDName are already compared with exact equality
and no wildcard is allowed there.
Or, is it more clear to create a public final static field OIDName.ANY?
Thanks
Max
More information about the security-dev
mailing list