RFR: 8282077: PKCS11 provider C_sign() impl should handle CKR_BUFFER_TOO_SMALL error

Valerie Peng valeriep at openjdk.java.net
Fri Feb 18 23:35:51 UTC 2022


On Fri, 18 Feb 2022 22:10:17 GMT, Mikael Vidstedt <mikael at openjdk.org> wrote:

>> Could someone please help review this trivial change? This is to add error handling for the potential CKR_BUFFER_TOO_SMALL error when calling C_Sign(). Since none of the supported signature algorithms trigger this error as the default buffer size is large enough, this is more for consistency's sake. No new regression test for this and thus the @noreg-hard label.
>> 
>> Thanks,
>> Valerie
>
> src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_sign.c line 151:
> 
>> 149:         if (bufP == NULL) {
>> 150:             throwOutOfMemoryError(env, 0);
>> 151:             return NULL;
> 
> Does ckpData need to be freed here?

Yes, good catch. I will change it with a cleanup label and jump to the cleanup label as in other methods.

-------------

PR: https://git.openjdk.java.net/jdk/pull/7540
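
The pattern discussed in this thread, as an added example that is not the JDK's p11_sign.c code: retry the sign call when the token reports CKR_BUFFER_TOO_SMALL, and route every failure after the first allocation through one cleanup label so ckpData is not leaked. mock_C_Sign, xmalloc/xfree, DEFAULT_SIG_BUF and the failAlloc switch are hypothetical stand-ins so the example runs without a PKCS#11 token.

```c
#include <stdlib.h>
#include <string.h>
#define CKR_OK               0x000UL
#define CKR_BUFFER_TOO_SMALL 0x150UL
#define DEFAULT_SIG_BUF      16      /* constructed: deliberately too small */

static int live_allocs = 0;          /* outstanding allocations, for leak checks */
static void *xmalloc(size_t n) { void *p = malloc(n); if (p) live_allocs++; return p; }
static void xfree(void *p) { if (p) { live_allocs--; free(p); } }

/* Hypothetical stand-in for C_Sign(): fixed 32-byte toy "signature". */
static unsigned long mock_C_Sign(const unsigned char *data, size_t dataLen,
                                 unsigned char *sig, size_t *sigLen) {
    size_t need = 32, i;
    if (*sigLen < need) { *sigLen = need; return CKR_BUFFER_TOO_SMALL; }
    for (i = 0; i < need; i++) sig[i] = data[i % dataLen] ^ 0x5a;
    *sigLen = need;
    return CKR_OK;
}

/* Returns a signature the caller releases with xfree(), or NULL on failure.
 * failAlloc (hypothetical) simulates malloc failing on the retry buffer. */
static unsigned char *sign_with_retry(const unsigned char *in, size_t inLen,
                                      size_t *outLen, int failAlloc) {
    unsigned char *result = NULL, *bufP = NULL, *ckpData = xmalloc(inLen);
    size_t sigLen = DEFAULT_SIG_BUF;
    unsigned long rv;
    if (ckpData == NULL) return NULL;          /* nothing else allocated yet */
    memcpy(ckpData, in, inLen);
    if ((bufP = xmalloc(sigLen)) == NULL) goto cleanup;
    rv = mock_C_Sign(ckpData, inLen, bufP, &sigLen);
    if (rv == CKR_BUFFER_TOO_SMALL) {          /* sigLen now holds required size */
        xfree(bufP);
        bufP = failAlloc ? NULL : xmalloc(sigLen);
        if (bufP == NULL) goto cleanup;        /* a bare return would leak ckpData */
        rv = mock_C_Sign(ckpData, inLen, bufP, &sigLen);
    }
    if (rv == CKR_OK) { result = bufP; bufP = NULL; *outLen = sigLen; }
cleanup:
    xfree(ckpData);
    xfree(bufP);                               /* no-op once ownership moved to result */
    return result;
}

int main(void) {
    size_t n = 0;
    xfree(sign_with_retry((const unsigned char *)"abc", 3, &n, 0));
    return (n == 32 && live_allocs == 0) ? 0 : 1;
}
```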


