RFR: 8295068: SSLEngine throws NPE parsing CertificateRequests [v2]
Kevin Driver
kdriver at openjdk.org
Thu Jul 6 15:52:00 UTC 2023
> JDK-8295068: an NPE is thrown when an invalid `id` is found to match up a `ClientCertificateType`; rather than throwing the `NPE`, we now throw an `IllegalArgumentException`. This does not seem to be a scenario where recovery is possible or desired, so the `IAE` should be the proper behavior.
Kevin Driver has updated the pull request incrementally with two additional commits since the last revision:
- remove extra line break
- fail to look up the id silently to not throw an unexpected error
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/14778/files
- new: https://git.openjdk.org/jdk/pull/14778/files/d36df7ba..ce669848
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=14778&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=14778&range=00-01
Stats: 5 lines in 1 file changed: 0 ins; 4 del; 1 mod
Patch: https://git.openjdk.org/jdk/pull/14778.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/14778/head:pull/14778
PR: https://git.openjdk.org/jdk/pull/14778
More information about the security-dev
mailing list