8280703: CipherCore.doFinal(...) causes potentially massive byte[] allocations during decryption

Reviewed-by: ascarpino
overheadhunter authored and Anthony Scarpino committed Jan 28, 2022
1 parent cb8a82e commit 409382b
Showing 1 changed file with 8 additions and 5 deletions.
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2002, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -812,10 +812,13 @@ int doFinal(byte[] input, int inputOffset, int inputLen, byte[] output,
if (outputCapacity < estOutSize) {
cipher.save();
}
// create temporary output buffer if the estimated size is larger
// than the user-provided buffer.
internalOutput = new byte[estOutSize];
offset = 0;
if (outputCapacity < estOutSize || padding != null) {
// create temporary output buffer if the estimated size is larger
// than the user-provided buffer or a padding needs to be removed
// before copying the unpadded result to the output buffer
internalOutput = new byte[estOutSize];
offset = 0;
}
}

byte[] outBuffer = (internalOutput != null) ? internalOutput : output;
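
Review bot: The new guard `if (outputCapacity < estOutSize || padding != null)` still executes `internalOutput = new byte[estOutSize]` whenever `padding != null`, so the large temporary buffer named in the commit title is avoided only when no padding is configured and the caller's buffer is large enough; state that limit in the comment or the commit message so callers using padding do not assume the allocation is gone. When the guard is false, `outBuffer` is the caller's `output` and `offset = 0` is skipped, so the write position now depends on `offset` having been set before these lines (not visible in the hunk), and the result is written directly into an array that `doFinal(byte[] input, ..., byte[] output, ...)` may have been handed as both input and output; please confirm both cases are handled. The commit changes one file and adds no test, so a regression test for the direct-write path (no padding, sufficient capacity, non-zero output offset, same array passed as input and output) would be worth adding.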

7 comments on commit 409382b

@openjdk-notifier

@asgibbons
Contributor

/backport jdk17u-dev

@openjdk openjdk bot commented on 409382b Feb 13, 2023

@asgibbons To use the /backport command, you need to be in the OpenJDK census and your GitHub account needs to be linked with your OpenJDK username (how to associate your GitHub account with your OpenJDK username).

@asgibbons
Contributor

/backport jdk17u-dev

@openjdk openjdk bot commented on 409382b Feb 13, 2023
The reason will be displayed to describe this comment to others. Learn more.

@asgibbons the backport was successfully created on the branch asgibbons-backport-409382ba in my personal fork of openjdk/jdk17u-dev. To create a pull request with this backport targeting openjdk/jdk17u-dev:master, just click the following link:

➡️ Create pull request

The title of the pull request is automatically filled in correctly and below you find a suggestion for the pull request body:

Hi all,

This pull request contains a backport of commit 409382ba from the openjdk/jdk repository.

The commit being backported was authored by Sebastian Stenzel on 28 Jan 2022 and was reviewed by Anthony Scarpino.

Thanks!

If you need to update the source branch of the pull then run the following commands in a local clone of your personal fork of openjdk/jdk17u-dev:

$ git fetch https://github.com/openjdk-bots/jdk17u-dev asgibbons-backport-409382ba:asgibbons-backport-409382ba
$ git checkout asgibbons-backport-409382ba
# make changes
$ git add paths/to/changed/files
$ git commit --message 'Describe additional changes made'
$ git push https://github.com/openjdk-bots/jdk17u-dev asgibbons-backport-409382ba

@asgibbons
Contributor

/backport jdk11u-dev

@openjdk openjdk bot commented on 409382b Feb 27, 2023
The reason will be displayed to describe this comment to others. Learn more.

@asgibbons Could not automatically backport 409382ba to openjdk/jdk11u-dev due to conflicts in the following files:

  • src/java.base/share/classes/com/sun/crypto/provider/CipherCore.java

Please fetch the appropriate branch/commit and manually resolve these conflicts by using the following commands in your personal fork of openjdk/jdk11u-dev. Note: these commands are just some suggestions and you can use other equivalent commands you know.

# Fetch the up-to-date version of the target branch
$ git fetch --no-tags https://git.openjdk.org/jdk11u-dev master:master

# Check out the target branch and create your own branch to backport
$ git checkout master
$ git checkout -b asgibbons-backport-409382ba

# Fetch the commit you want to backport
$ git fetch --no-tags https://git.openjdk.org/jdk 409382ba4b43bf48ed0086020dd20641effd35b6

# Backport the commit
$ git cherry-pick --no-commit 409382ba4b43bf48ed0086020dd20641effd35b6
# Resolve conflicts now

# Commit the files you have modified
$ git add files/with/resolved/conflicts
$ git commit -m 'Backport 409382ba4b43bf48ed0086020dd20641effd35b6'

Once you have resolved the conflicts as explained above continue with creating a pull request towards the openjdk/jdk11u-dev with the title Backport 409382ba4b43bf48ed0086020dd20641effd35b6.
