JDK 8 Code Review Request: 6500133/6931888: CertificateParsingException for CDP
Jason Uh
jason.uh at oracle.com
Wed Aug 15 23:37:47 UTC 2012
Thanks, Sean.
New webrev updated with your suggestions:
http://cr.openjdk.java.net/~juh/6500133/webrev.01/
Jason
On 08/15/2012 10:38 AM, Sean Mullan wrote:
> This looks good to me. Couple of comments:
>
> 111: Can you add a comment, something like "Try parsing the URI again
> after encoding/escaping any illegal characters".
>
> 113-4: When this code was written there probably wasn't yet an
> IOException(String, Throwable) ctor. Now there is, so you can change
> this to:
>
> throw new IOException("invalid URI name:" + name, use2);
>
> There are also a couple other places in URIName where you can replace
> the same code using initCause with the IOExc ctor above. That's a
> low-risk refactoring you can include in this change.
>
> --Sean
>
> On 08/14/2012 11:51 PM, Jason Uh wrote:
>> Hi all,
>>
>> This change fixes --
>> 6500133: CertificateParsingException for CRL Distribution Point with
>> blank; and
>> 6931888: Inconsistent behavior for invalid URI name in cert file
>>
>> CRs:
>> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6500133
>> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6931888
>>
>> They are effectively duplicates, both regarding an exception thrown when
>> parsing CRL Distribution Point URIs with invalid characters, like a
>> space or backslash. This change uses
>> sun.net.www.ParseUtil.encodePath(String) to re-encode bad URIs.
>>
>> Webrev: http://cr.openjdk.java.net/~juh/6500133/webrev.00/
>>
>> Thanks,
>> Jason
>
More information about the security-dev
mailing list