Mercurial > hg > release > icedtea7-forest-2.3 > jdk
changeset 6363:c564d18ddeb4
8021290: Better signature validation
Reviewed-by: xuelei, ahgross
| author | mullan |
|---|---|
| date | Tue, 30 Jul 2013 17:20:22 -0400 |
| parents | 98ac6fa208e7 |
| children | 53b1249d1715 |
| files | src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java |
| diffstat | 1 files changed, 14 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java Thu Aug 01 14:15:27 2013 -0700 +++ b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java Tue Jul 30 17:20:22 2013 -0400 @@ -44,6 +44,9 @@ } public void write(byte[] arg0) { + if ((Integer.MAX_VALUE - pos) < arg0.length) { + throw new OutOfMemoryError(); + } int newPos = pos + arg0.length; if (newPos > size) { expandSize(newPos); @@ -53,6 +56,9 @@ } public void write(byte[] arg0, int arg1, int arg2) { + if ((Integer.MAX_VALUE - pos) < arg2) { + throw new OutOfMemoryError(); + } int newPos = pos + arg2; if (newPos > size) { expandSize(newPos); @@ -62,6 +68,9 @@ } public void write(int arg0) { + if ((Integer.MAX_VALUE - pos) == 0) { + throw new OutOfMemoryError(); + } int newPos = pos + 1; if (newPos > size) { expandSize(newPos); @@ -82,7 +91,11 @@ private void expandSize(int newPos) { int newSize = size; while (newPos > newSize) { - newSize = newSize<<2; + newSize = newSize << 1; + // Deal with overflow + if (newSize < 0) { + newSize = Integer.MAX_VALUE; + } } byte newBuf[] = new byte[newSize]; System.arraycopy(buf, 0, newBuf, 0, pos);