RFR: 8267086: Fix ArrayIndexOutOfBoundsException in DerIndefLenConverter
Fabian Meumertzheim
github.com+4312191+fmeum at openjdk.java.net
Mon May 17 12:41:04 UTC 2021
`sun.security.util.DerIndefLenConverter#convertBytes` does not perform sufficient checks after calling `#parseValue`, which can overflow `dataPos` or make it exceed `dataSize`. This can lead to an `ArrayIndexOutOfBoundsException`.
The fix is to ensure `dataPos` is in the valid range `[0,dataSize]` after the call to `parseValue`.
-------------
Commit messages:
- 8267086: Fix ArrayIndexOutOfBoundsException in DerIndefLenConverter
Changes: https://git.openjdk.java.net/jdk/pull/4058/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=4058&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8267086
Stats: 4 lines in 1 file changed: 4 ins; 0 del; 0 mod
Patch: https://git.openjdk.java.net/jdk/pull/4058.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/4058/head:pull/4058
PR: https://git.openjdk.java.net/jdk/pull/4058
More information about the security-dev
mailing list