RFR 8183591: Incorrect behavior when reading DER value with Integer.MAX_VALUE length
Sean Mullan
sean.mullan at oracle.com
Thu Jul 20 19:32:16 UTC 2017
Looks good to me.
--Sean
On 7/20/17 9:49 AM, Adam Petcher wrote:
> Oops. Better to throw an IOException when a negative length is given to
> readFully.
>
> Webrev: http://cr.openjdk.java.net/~apetcher/8183591/webrev.02/
>
>
> On 7/18/2017 1:55 PM, Adam Petcher wrote:
>> Some additional investigation revealed that IOUtils.readFully() is
>> only used by DER, JKS, and Kerberos. None of these need the "read to
>> the end of the buffer" feature. This behavior of readFully() is
>> confusing, so it is probably best to remove it.
>>
>> Webrev: http://cr.openjdk.java.net/~apetcher/8183591/webrev.01/
>>
>>
>> On 7/12/2017 2:38 PM, Adam Petcher wrote:
>>> This is a bug fix for a corner case in which a DER value has length
>>> equal to Integer.MAX_VALUE. The code uses IOUtils.readFully() to read
>>> the value, which interprets length=Integer.MAX_VALUE to mean "read to
>>> the end." The result is that no exception will be thrown when fewer
>>> then Integer.MAX_VALUE bytes are read from the stream. The fix adds a
>>> check after the readFully() to ensure that the expected number of
>>> bytes were read.
>>>
>>> Webrev: http://cr.openjdk.java.net/~apetcher/8183591/webrev.00/
>>> JBS: https://bugs.openjdk.java.net/browse/JDK-8183591
>>>
>>
>
More information about the security-dev
mailing list