RFR 8158589: Possible integer overflow issues for DRBG
Sean Mullan
sean.mullan at oracle.com
Tue Jul 5 16:40:43 UTC 2016
Looks fine, just a couple of typos:
- HashDrbg.java
84 * Note: In each current calle, requested is seedLen, therefore
small,
s/calle/call/
- CtrDrbg.java
399 "entropy plus additonal input is too long");
s/additonal/additional/
--Sean
On 06/16/2016 10:00 PM, Wang Weijun wrote:
> Ping again.
>
>> On Jun 7, 2016, at 11:52 AM, Wang Weijun <weijun.wang at oracle.com> wrote:
>>
>> Hi All
>>
>> Please take a review at
>>
>> http://cr.openjdk.java.net/~weijun/8158589/webrev.00/
>>
>> For the reseedCounter case, the default reseedInterval is Integer.MAX_VALUE and there is no integer bigger than it, therefore a new check reseedCounter < 0 is added. I had thought about making it long but can a long field be a safe volatile? I am not sure.
>>
>> I added a label noreg-cleanup, or maybe noreg-hard is better?
>>
>> Thanks
>> Max
>>
>
More information about the security-dev
mailing list