Code review request, 7200295 CertificateRequest message is wrapping when using large numbers of Certs (original) (raw)

Brad Wetmore bradford.wetmore at oracle.com
Tue Sep 25 01:23:51 UTC 2012

• Previous message (by thread): Code review request, 7200295 CertificateRequest message is wrapping when using large numbers of Certs
• Next message (by thread): Code review request, 7200295 CertificateRequest message is wrapping when using large numbers of Certs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Are there situations where we might overflow the int?

For example, in CertificateRequest.messageLength()

     for (int i = 0; i < authorities.length; i++) {
         len += authorities[i].length();
     }

What if len overflows?

Also, all of these field's callers are overflow-1?

Brad

On 9/23/2012 7:42 PM, Xuelei Fan wrote:

Hi,

Please review the update to check output filed length overflow in TLS handshaking. bug : http://bugs.sun.com/bugdatabase/viewbug.do?bugid=7200295 webrev: http://cr.openjdk.java.net/~xuelei/7200295/webrev.00/ The cause of the bug is that for 8, 16, 24 bits length-variable fields, before put the bytes into the fields, we do not check that the length of the bytes is less than the capabilities of the field. Thanks, Xuelei

• Previous message (by thread): Code review request, 7200295 CertificateRequest message is wrapping when using large numbers of Certs
• Next message (by thread): Code review request, 7200295 CertificateRequest message is wrapping when using large numbers of Certs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the security-dev mailing list