RFR: 8369995: Implement extra logging and/or propagate errors in X509KeyManagerImpl and fix StringIndexOutOfBoundsException [v4]
Mikhail Yankelevich
myankelevich at openjdk.org
Fri Oct 17 17:03:38 UTC 2025
On Fri, 17 Oct 2025 16:20:27 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> Mikhail Yankelevich has updated the pull request incrementally with one additional commit since the last revision:
>>
>> preventing double run of tests that don't need it; Changed messages and made the error message a warning
>
> src/java.base/share/classes/sun/security/ssl/X509KeyManagerImpl.java line 226:
>
>> 224: int firstDot = alias.indexOf('.');
>> 225: int secondDot = alias.indexOf('.', firstDot + 1);
>> 226: if ((firstDot == -1) || (secondDot == -1)) {
>
> The following code looks correct to me to check for a proper alias format and to avoid Out of Bounds exception. Please add a test case for that:
>
> // parse the alias
> int firstDot = alias.indexOf('.');
> int secondDot = -1;
>
> if (firstDot > 0 && alias.length() - firstDot > 3) {
> secondDot = alias.indexOf('.', firstDot + 1);
> }
>
> if (secondDot - firstDot < 2 || alias.length() - secondDot < 2) {
> if (SSLLogger.isOn && SSLLogger.isOn("keymanager")) {
> SSLLogger.warning("Invalid alias format: " + alias);
> }
> return null;
> }
Done in the next commit
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27851#discussion_r2440619297
More information about the security-dev
mailing list