[security-dev 00848]: Re: Code review request: 6813340: X509Factory should not depend on is.available()==0

Max (Weijun) Wang Weijun.Wang at Sun.COM
Mon May 25 11:06:50 UTC 2009


On May 25, 2009, at 6:47 PM, Xuelei Fan wrote:

> 1.
> 116         byte[] buffer = new byte[length];
>
> I would like to use a fixed length, such as 1024, for memory saving  
> for large data. Just a very very personal preference.

I see what you mean. My attempt was read it in a single shot. Will  
think about it.

>
> 2. 562 ~ 567
> You assume that the end character of a line is the same for all  
> lines. That's OK, I just worry about the situation that a program  
> generated input steam, which would include more than one of CR, LF,  
> CR+LF as line end character. Hopefully, it is not a issue.

Guess it's even more less an issue if \n is tried.

>
> 3. 584 ~ EOF
> You assume that the tag occupy only one byte, that's incorrect, the  
> tag would occupy more than one byte when it is bigger than 30. The  
> assume would make the following length parser code incorrect.
>
> You assume that the end of indefinite length is only one zero byte,  
> that's incorrect, it is zero of two bytes.

readBERInternal() reads 2 bytes at EOC, on 588 and 595.

>
> You does not handle content longer than 10K(L>0x82). I don't think  
> 10K is enough, maybe you need to handle 0x83, even 0x84 before  
> regarding the content is too hug.

OK. I would support 0x83 and 0x84. The multiple byte tag is never  
supported by DerValue related classes, so I guess it's not necessary  
to add it here.

Thanks
Max

>
> Weijun Wang wrote:
>> Hi Sean and/or Andrew
>>
>> Can any of you take a review at this bug fix:
>>
>>  bug:
>>     http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6813340
>>  webrev:
>>     http://cr.openjdk.java.net/~weijun/6813340/webrev.02/
>>
>> The bug is about too many is.available() usage in
>> X509Factory.generateXXX() methods. This means a slow stream might  
>> not be
>> consumed at all.
>>
>> The fix introduces a new method readOneBlock() which reads a block of
>> data, either PEM or DER, in block mode. The method neither uses
>> available() nor performs any mark/reset actions.
>>
>> There might be two drawbacks for this code change:
>>
>> 1. In order to avoid mark/reset, it uses a heuristic method to detect
>> the line ending of a PEM file: If the -----BEGIN----- line ends with
>> '\r' (or \n), it assumes the -----END---- line also ends with it. I
>> don't know if there are files which is hybrid. I might make another
>> change if you want more safety:
>>
>> 564  -               if (next == -1 || next == end) {
>> 564  +               if (next == -1 || next == end || next == '\n') {
>>
>>
> See above, I would like the safer one.
>
> Andrew
>> 2. Since no buffering is made, the performance might hurt. However, I
>> simply browse the usage in JDK and find many callers actually use a
>> ByteArrayInputStream, so this is not a serious problem.
>>
>> Thanks
>> Max
>>




More information about the security-dev mailing list