RFR: 8294985: SSLEngine throws IAE during parsing of X500Principal [v3]
Sean Mullan
mullan at openjdk.org
Mon May 1 17:54:52 UTC 2023
On Fri, 28 Apr 2023 19:15:59 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> Fixes: [JDK-8294985](https://bugs.openjdk.org/browse/JDK-8294985)
>
> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>
> Update src/java.base/share/classes/sun/security/ssl/CertificateAuthoritiesExtension.java
>
> Co-authored-by: Daniel Jelinski <djelinski1 at gmail.com>
Yes, I think we should check other calls in the TLS code to `new X500Principal()` that take the encoded bytes from the network to see if similar changes are needed.
I would also pass the cause to the `fatal()` method as this will provide additional information as to the reason of the parsing failure for debugging purposes.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/13466#issuecomment-1529997195
More information about the security-dev
mailing list