RFR: 8364657: Crash for SecureRandom.generateSeed(0) on Windows x86-64
duke
duke at openjdk.org
Mon Sep 22 16:49:20 UTC 2025
On Tue, 16 Sep 2025 01:07:18 GMT, Shawn M Emery <duke at openjdk.org> wrote:
> The JVM will crash when given a zero byte seed length for SecureRandom.generateSeed() while using the Window's PRNG. The solution is to first check to see if the seed is null or not and if null then generate a zero length byte array. This may be odd but this mimics the same behavior in other operating systems such as MacOS and Linux.
>
> The new unit test case* provided with this PR replicates the issue before the fix and is confirmed not to replicate the issue after the proposed fix.
>
> * The TestStrong.java unit test code is a contribution from @jaikiran, thank you!
@smemery
Your change (at version a10b47fde9d641d5f1dcf5e13c4344d573a1aef1) is now ready to be sponsored by a Committer.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/27302#issuecomment-3320142490
More information about the security-dev
mailing list