code review request: 7099399: cannot deal with CRL file larger than 16MB
Xuelei Fan
xuelei.fan at oracle.com
Tue Oct 11 02:15:41 UTC 2011
I'm not sure why the latest byte cannot be 0xFF? What about if my
content length is 256? For example:
677 if (lowByte == -1) {
678 throw new IOException("Incomplete BER/DER length info");
679 }
Otherwise, looks fine to me.
Xuelei
On 10/11/2011 9:05 AM, Weijun Wang wrote:
> Webrev at http://cr.openjdk.java.net/~weijun/7099399/webrev.00/
>
> Basically, we're now accepting X.509 block of 4-octets length. For
> simplicity, the highest byte must be <= 127, so that the length can be
> expressed with a 32-bit int.
>
> Thanks
> Max
>
>
> -------- Original Message --------
> *Change Request ID*: 7099399
> *Synopsis*: cannot deal with CRL file larger than 16MB
>
> Product: java
> Category: java
> Subcategory: classes_security
> Type: Defect
>
> === *Description*
> ============================================================
> The X.509 impl of CertificateFactory only parses X.509 blocks smaller
> than 16MB, i.e. when the length can be encoded in 3 octets. Now we have
> a customer whose CRL file is as big as 30MB.
>
More information about the security-dev
mailing list