Withdrawn: 8255739: x509Certificate returns � for invalid subjectAlternativeNames

duke duke at openjdk.java.net
Thu Mar 24 14:11:50 UTC 2022


On Thu, 23 Dec 2021 11:59:18 GMT, Masanori Yano <myano at openjdk.org> wrote:

> Could you please review the JDK-8255739 bug fix?
> 
> I think sun.security.x509.SubjectAlternativeNameExtension() should throw an exception for incorrect SubjectAlternativeNames instead of returning the substituted characters, which is explained in the description of BugDB.
> 
> I modified DerValue.readStringInternal() not to read incorrect SubjectAlternativeNames and throw an IOException. sun.security.x509.X509CertInfo.parse() catch the IOExcepton and ignore it if SAN is a non-ciritical extension like the behavior of the IOException in readStringInternal(). So I added a test with -Djava.security.debug=x509 to confirm that.

This pull request has been closed without being integrated.

-------------

PR: https://git.openjdk.java.net/jdk/pull/6928



More information about the security-dev mailing list