RFR 8068720: ArrayIndexOutOfBoundsException in JSSE with NetscapeCertType "SSL client"
Ivan Gerasimov
ivan.gerasimov at oracle.com
Wed Jan 28 21:04:00 UTC 2015
Hello!
Behavior of sun.security.x509.NetscapeCertTypeExtension turns out to be
inconsistent.
It greatly depends on the order in which the entries are set/retrieved.
The inconsistency is illustrated in the regression test:
While these two lines work fine,
38 ext1.set(SSL_SERVER, true);
39 ext1.get(SSL_CLIENT);
next two lines result in AIOOBEx:
43 ext2.set(SSL_CLIENT, true);
44 ext2.get(SSL_SERVER);
The fix is trivial.
Would you please help review it?
BUGURL: https://bugs.openjdk.java.net/browse/JDK-8068720
WEBREV: http://cr.openjdk.java.net/~igerasim/8068720/0/webrev/
Sincerely yours,
Ivan
More information about the security-dev
mailing list