Mercurial > hg > release > icedtea7-forest-2.6 > jdk
changeset 9694:1636cb164608
8210610: Improved LSA authentication
Reviewed-by: valeriep, mschoene, rhalade
author | igerasim |
---|---|
date | Sat, 06 Oct 2018 12:27:18 -0700 |
parents | a4401efb67e7 |
children | d541364c9376 |
files | src/windows/native/sun/security/krb5/NativeCreds.c |
diffstat | 1 files changed, 27 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/src/windows/native/sun/security/krb5/NativeCreds.c Fri Oct 05 11:37:39 2018 -0700 +++ b/src/windows/native/sun/security/krb5/NativeCreds.c Sat Oct 06 12:27:18 2018 -0700 @@ -76,7 +76,8 @@ BOOL PackageConnectLookup(PHANDLE,PULONG); -NTSTATUS ConstructTicketRequest(UNICODE_STRING DomainName, +NTSTATUS ConstructTicketRequest(JNIEnv *env, + UNICODE_STRING DomainName, PKERB_RETRIEVE_TKT_REQUEST *outRequest, ULONG *outSize); @@ -102,6 +103,8 @@ jobject BuildTicketFlags(JNIEnv *env, PULONG flags); jobject BuildKerberosTime(JNIEnv *env, PLARGE_INTEGER kerbtime); +void ThrowOOME(JNIEnv *env, const char *szMessage); + /* * Class: sun_security_krb5_KrbCreds * Method: JNI_OnLoad @@ -492,7 +495,7 @@ } // use domain to request Ticket - Status = ConstructTicketRequest(msticket->TargetDomainName, + Status = ConstructTicketRequest(env, msticket->TargetDomainName, &pTicketRequest, &requestSize); if (!LSA_SUCCESS(Status)) { ShowNTError("ConstructTicketRequest status", Status); @@ -684,7 +687,7 @@ } static NTSTATUS -ConstructTicketRequest(UNICODE_STRING DomainName, +ConstructTicketRequest(JNIEnv *env, UNICODE_STRING DomainName, PKERB_RETRIEVE_TKT_REQUEST *outRequest, ULONG *outSize) { NTSTATUS Status; @@ -731,8 +734,10 @@ pTicketRequest = (PKERB_RETRIEVE_TKT_REQUEST) LocalAlloc(LMEM_ZEROINIT, RequestSize); - if (!pTicketRequest) + if (!pTicketRequest) { + ThrowOOME(env, "Can't allocate memory for ticket"); return GetLastError(); + } // // Concatenate the target prefix with the previous response's @@ -889,7 +894,7 @@ jbyteArray ary; ary = (*env)->NewByteArray(env,encodedTicketSize); - if ((*env)->ExceptionOccurred(env)) { + if (ary == NULL) { return (jobject) NULL; } @@ -935,6 +940,10 @@ realm = (WCHAR *) LocalAlloc(LMEM_ZEROINIT, ((domainName.Length)*sizeof(WCHAR) + sizeof(UNICODE_NULL))); + if (realm == NULL) { + ThrowOOME(env, "Can't allocate memory for realm"); + return NULL; + } wcsncpy(realm, domainName.Buffer, domainName.Length/sizeof(WCHAR)); if (native_debug) { @@ -996,6 +1005,9 @@ } ary = (*env)->NewByteArray(env,cryptoKey->Length); + if (ary == NULL) { + return (jobject) NULL; + } (*env)->SetByteArrayRegion(env, ary, (jsize) 0, cryptoKey->Length, (jbyte *)cryptoKey->Value); if ((*env)->ExceptionOccurred(env)) { @@ -1018,6 +1030,9 @@ ULONG nlflags = htonl(*flags); ary = (*env)->NewByteArray(env, sizeof(*flags)); + if (ary == NULL) { + return (jobject) NULL; + } (*env)->SetByteArrayRegion(env, ary, (jsize) 0, sizeof(*flags), (jbyte *)&nlflags); if ((*env)->ExceptionOccurred(env)) { @@ -1070,3 +1085,10 @@ } return kerberosTime; } + +void ThrowOOME(JNIEnv *env, const char *szMessage) { + jclass exceptionClazz = (*env)->FindClass(env, "java/lang/OutOfMemoryError"); + if (exceptionClazz != NULL) { + (*env)->ThrowNew(env, exceptionClazz, szMessage); + } +}