[Updated] RFR: JDK-8032573

Jamil Nimeh jamil.j.nimeh at oracle.com
Tue Oct 14 17:42:19 UTC 2014


Hello all, this is another update to JDK-8032573.  This link adds the 
JDK 8 backport.  It's pretty much the same fix, with the addition of 
moving a couple StringBuffers to StringBuilders.  I'm also still looking 
for a yea/nay on the JDK 9 proposed fix as well.

JDK 9 webrev: http://cr.openjdk.java.net/~ascarpino/8032573/webrev.02/
JDK 8 webrev: http://cr.openjdk.java.net/~ascarpino/8057141/webrev.01/
JBS Bug: https://bugs.openjdk.java.net/browse/JDK-8032573

Thanks,
--Jamil

On 10/09/2014 10:09 AM, Jamil Nimeh wrote:
> Hello all, this is an update to address review comments and some 
> cleanup of a couple warnings given by NetBeans.
>
> http://cr.openjdk.java.net/~ascarpino/8032573/webrev.02/
>
> Thank you,
> --Jamil
>
> On 09/29/2014 02:11 PM, Jamil Nimeh wrote:
>> Hello all,
>>
>> This review fixes a small regression in the generateCertificates() 
>> and generateCRLs() methods for the CertificateFactory class.  At some 
>> point, input consisting entirely of non-certificate data ceased to 
>> throw CertificateException or CRLException and instead returned an 
>> empty collection.  This restores the exception-throwing behavior, but 
>> only when the entire stream is non-cert data. Cases where there is 
>> leading/trailing text around a valid PEM-encoded certificate or CRL 
>> will still ignore the leading/trailing data and parse the 
>> certificate/CRL properly as before.
>>
>> Bug: https://bugs.openjdk.java.net/browse/JDK-8032573
>> Review: http://cr.openjdk.java.net/~ascarpino/8032573/webrev.01/
>>
>> Thank you,
>> --Jamil
>>
>



More information about the security-dev mailing list