RFR 8068720: ArrayIndexOutOfBoundsException in JSSE with NetscapeCertType "SSL client"

Ivan Gerasimov ivan.gerasimov at oracle.com
Thu Jan 29 06:45:44 UTC 2015


On 29.01.2015 0:24, Michael StJohns wrote:
> Not critical and more work, but maybe just update this to use java.util.BitSet?

I'd prefer not to invest much effort in refactoring of this class.
Let's limit scope of the fix by only getting rid of AIOOB exception for 
positive indices!

Sincerely yours,
Ivan

> Mike
>
>
> At 04:04 PM 1/28/2015, Ivan Gerasimov wrote:
>> Hello!
>>
>> Behavior of sun.security.x509.NetscapeCertTypeExtension turns out to be inconsistent.
>> It greatly depends on the order in which the entries are set/retrieved.
>>
>> The inconsistency is illustrated in the regression test:
>>
>> While these two lines work fine,
>>
>>   38         ext1.set(SSL_SERVER, true);
>>   39         ext1.get(SSL_CLIENT);
>>
>> next two lines result in AIOOBEx:
>>
>>   43         ext2.set(SSL_CLIENT, true);
>>   44         ext2.get(SSL_SERVER);
>>
>>
>>
>> The fix is trivial.
>> Would you please help review it?
>>
>> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8068720
>> WEBREV: http://cr.openjdk.java.net/~igerasim/8068720/0/webrev/
>>
>>
>> Sincerely yours,
>> Ivan
>
>
>



More information about the security-dev mailing list