RFR[12] JDK-8214096: sun.security.util.SignatureUtil passes null parameter, so JCE validation fails
Weijun Wang
weijun.wang at oracle.com
Tue Dec 18 03:14:06 UTC 2018
Hi Valerie,
Please put lines 87 and 100 into the if-not-null block. Otherwise fine.
Do you think we can enhance the Signature::setParameter method and claim a null parameter is not meaningful at all and should not have any effect on the internal state of the signature object? Otherwise an application really has no idea whether to call it.
Thanks,
Max
> On Dec 18, 2018, at 8:41 AM, Valerie Peng <valerie.peng at oracle.com> wrote:
>
> Any one has time to review this straightforward fix? Details on cause and fix is elaborated in the link below:
>
> Bug: https://bugs.openjdk.java.net/browse/JDK-8214096
>
> Webrev can be found at http://cr.openjdk.java.net/~valeriep/8214096/webrev.00/
>
> Regards,
> Valerie
>
>
More information about the security-dev
mailing list