RFR: 8294985: SSLEngine throws IAE during parsing of X500Principal [v25]

Bradford Wetmore wetmore at openjdk.org
Wed May 31 04:46:08 UTC 2023


On Tue, 30 May 2023 19:24:09 GMT, Kevin Driver <kdriver at openjdk.org> wrote:

>> Fixes: [JDK-8294985](https://bugs.openjdk.org/browse/JDK-8294985)
>
> Kevin Driver has updated the pull request incrementally with two additional commits since the last revision:
> 
>  - undo import changes
>  - undo import changes

These are minor nits, can go as is.

test/jdk/sun/security/ssl/SSLEngineImpl/TestBadDNForPeerCA12.java line 147:

> 145:         createBuffers();
> 146: 
> 147:         System.out.println("forcing client hello");

"Create" rather than "forcing?"

test/jdk/sun/security/ssl/SSLEngineImpl/TestBadDNForPeerCA12.java line 148:

> 146: 
> 147:         System.out.println("forcing client hello");
> 148:         //sTOc = ByteBuffer.wrap(serverHello);

Might as well delete this.  Dead code is confusing.

test/jdk/sun/security/ssl/SSLEngineImpl/TestBadDNForPeerCA12.java line 161:

> 159: 
> 160:         sTOc.compact();
> 161:         cTOs.compact();

It doesn't really matter since the code will bomb out, but I don't think this line is doing what you expected.  cTOs is already pointing at the beginning of the Buffer.

-------------

Marked as reviewed by wetmore (Reviewer).

PR Review: https://git.openjdk.org/jdk/pull/13466#pullrequestreview-1452190853
PR Review Comment: https://git.openjdk.org/jdk/pull/13466#discussion_r1211077478
PR Review Comment: https://git.openjdk.org/jdk/pull/13466#discussion_r1211077197
PR Review Comment: https://git.openjdk.org/jdk/pull/13466#discussion_r1211080473



More information about the security-dev mailing list