Mercurial > hg > openjdk > jdk6 > jdk
changeset 1753:5f81b17f3e47
8182387: Improve PKCS usage
Reviewed-by: valeriep
author | apetcher |
---|---|
date | Fri, 28 Jul 2017 18:20:43 +0000 |
parents | 3442abfe4092 |
children | e9f395bb65a6 |
files | src/share/classes/sun/security/util/DerValue.java |
diffstat | 1 files changed, 12 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/security/util/DerValue.java Mon Feb 23 10:05:41 2009 +0800 +++ b/src/share/classes/sun/security/util/DerValue.java Fri Jul 28 18:20:43 2017 +0000 @@ -491,20 +491,27 @@ * @return the octet string held in this DER value */ public byte[] getOctetString() throws IOException { - byte[] bytes; if (tag != tag_OctetString && !isConstructed(tag_OctetString)) { throw new IOException( "DerValue.getOctetString, not an Octet String: " + tag); } - bytes = new byte[length]; - // Note: do not tempt to call buffer.read(bytes) at all. There's a + // Note: do not attempt to call buffer.read(bytes) at all. There's a // known bug that it returns -1 instead of 0. if (length == 0) { - return bytes; + return new byte[0]; } - if (buffer.read(bytes) != length) + + // Only allocate the array if there are enough bytes available. + // This only works for ByteArrayInputStream. + // The assignment below ensures that buffer has the required type. + ByteArrayInputStream arrayInput = buffer; + if (arrayInput.available() < length) { throw new IOException("short read on DerValue buffer"); + } + byte[] bytes = new byte[length]; + arrayInput.read(bytes); + if (isConstructed()) { DerInputStream in = new DerInputStream(bytes, 0, bytes.length, buffer.allowBER);