RFR: 8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
Bradford Wetmore
bradford.wetmore at oracle.com
Thu Jul 28 00:39:16 UTC 2016
This bug has been around since JDK 5 and likely before. :(
If you bundle a specific length cryptoPerms, calls to Cipher with an
illegal size key will NPE. The fix in CryptoPermissions is almost
exactly the same as what is in java.security.Permissions.
I took the liberty of doing a little syntactic cleanup in the file. The
only change of note is in the implies() code.
https://bugs.openjdk.java.net/browse/JDK-8161527
http://cr.openjdk.java.net/~wetmore/8161527/webrev.00/
Thanks,
Brad
More information about the security-dev
mailing list