RFR 8201867: Kerberos keytabs with holes in certain places are parsed incorrectly
Valerie Peng
valerie.peng at oracle.com
Wed May 16 22:43:10 UTC 2018
Looking at the BufferedInputStream impl, it looks like its skip(...)
method should trigger the internal array to be refilled when the
internal bytes are used up. Maybe something like below would also work?
while (n > 0) {
int n2 = skip(n);
if (n2 == 0) {throw new IOException("Premature EOF reached"); } else { n -= n2; } }
Valerie
On 4/24/2018 7:42 AM, Weijun Wang wrote:
> Please take a review at
>
> http://cr.openjdk.java.net/~weijun/8201867/webrev.00/
>
> When the hole in keytab is right on the 8192 buffer boundary, skip(n) does not return n.
>
> I are not sure if I can do something like "while (i < n) i += skip(n)" because skip(n) can return zero and it does not understand EOF. Therefore I readNBytes(n) and discard the result. If you have a better solution, I'll be happy to know.
>
> Thanks
> Max
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20180516/79e6a7e8/attachment.htm>
More information about the security-dev
mailing list