RFR: 8334670: SSLSocketOutputRecord buffer miscalculation

Anthony Scarpino ascarpino at openjdk.org
Tue Jun 25 18:29:12 UTC 2024


On Tue, 25 Jun 2024 08:14:10 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:

>> Hi,
>> 
>> I need a review to change a fragment buffer size miscalculation error. This appears when there are large handshake messages and hasn't been observed during application data. This was found during testing of the NewSessionTicket change in [JDK-8328608](https://bugs.openjdk.org/browse/JDK-8328608). There is no regression test as the failure hasn't shown to fail every time.
>> 
>> thanks
>> 
>> Tony
>
> src/java.base/share/classes/sun/security/ssl/SSLSocketOutputRecord.java line 171:
> 
>> 169:             for (int limit = (offset + length); offset < limit;) {
>> 170: 
>> 171:                 int remains = (limit - offset) + (count - position);
> 
> Suggestion:
> 
>                 int remains = (limit - offset);

I tried this and it caused a lockup in one of the tests. I see why you think this is the right change, but it isn't proving out in the testing.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/19862#discussion_r1653335017


