RFR 8068720: ArrayIndexOutOfBoundsException in JSSE with NetscapeCertType "SSL client"

Ivan Gerasimov ivan.gerasimov at oracle.com
Wed Jan 28 21:04:00 UTC 2015


Hello!

Behavior of sun.security.x509.NetscapeCertTypeExtension turns out to be 
inconsistent.
It greatly depends on the order in which the entries are set/retrieved.

The inconsistency is illustrated in the regression test:

While these two lines work fine,

   38         ext1.set(SSL_SERVER, true);
   39         ext1.get(SSL_CLIENT);

next two lines result in AIOOBEx:

   43         ext2.set(SSL_CLIENT, true);
   44         ext2.get(SSL_SERVER);



The fix is trivial.
Would you please help review it?

BUGURL: https://bugs.openjdk.java.net/browse/JDK-8068720
WEBREV: http://cr.openjdk.java.net/~igerasim/8068720/0/webrev/


Sincerely yours,
Ivan



More information about the security-dev mailing list