RFR 8183591: Incorrect behavior when reading DER value with Integer.MAX_VALUE length

Adam Petcher adam.petcher at oracle.com
Thu Jul 20 13:49:28 UTC 2017

Oops. Better to throw an IOException when a negative length is given to 

Webrev: http://cr.openjdk.java.net/~apetcher/8183591/webrev.02/

On 7/18/2017 1:55 PM, Adam Petcher wrote:
> Some additional investigation revealed that IOUtils.readFully() is 
> only used by DER, JKS, and Kerberos. None of these need the "read to 
> the end of the buffer" feature. This behavior of readFully() is 
> confusing, so it is probably best to remove it.
> Webrev: http://cr.openjdk.java.net/~apetcher/8183591/webrev.01/
> On 7/12/2017 2:38 PM, Adam Petcher wrote:
>> This is a bug fix for a corner case in which a DER value has length 
>> equal to Integer.MAX_VALUE. The code uses IOUtils.readFully() to read 
>> the value, which interprets length=Integer.MAX_VALUE to mean "read to 
>> the end." The result is that no exception will be thrown when fewer 
>> then Integer.MAX_VALUE bytes are read from the stream. The fix adds a 
>> check after the readFully() to ensure that the expected number of 
>> bytes were read.
>> Webrev: http://cr.openjdk.java.net/~apetcher/8183591/webrev.00/
>> JBS: https://bugs.openjdk.java.net/browse/JDK-8183591

More information about the security-dev mailing list