Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

8277224: sun.security.pkcs.PKCS9Attributes.toString() throws NPE #6433

Closed
wants to merge 2 commits into from

Conversation

coffeys
Copy link
Contributor

@coffeys coffeys commented Nov 17, 2021

Some elements of the PKCS9Attribute.PKCS9_OIDS array may have null value. The PKCS9Attributes.toString() and PKCS9Attributes.getAttributes() methods need to account for that.


Progress

  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue
  • Change must be properly reviewed

Issue

  • JDK-8277224: sun.security.pkcs.PKCS9Attributes.toString() throws NPE

Reviewers

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.java.net/jdk pull/6433/head:pull/6433
$ git checkout pull/6433

Update a local copy of the PR:
$ git checkout pull/6433
$ git pull https://git.openjdk.java.net/jdk pull/6433/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 6433

View PR using the GUI difftool:
$ git pr show -t 6433

Using diff file

Download this PR as a diff file:
https://git.openjdk.java.net/jdk/pull/6433.diff

@bridgekeeper
Copy link

@bridgekeeper bridgekeeper bot commented Nov 17, 2021

👋 Welcome back coffeys! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk openjdk bot added the rfr label Nov 17, 2021
@openjdk
Copy link

@openjdk openjdk bot commented Nov 17, 2021

@coffeys The following label will be automatically applied to this pull request:

  • security

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

@openjdk openjdk bot added the security label Nov 17, 2021
@mlbridge
Copy link

@mlbridge mlbridge bot commented Nov 17, 2021

Webrevs

@@ -62,6 +62,10 @@ public static void main(String[] args) throws Exception {
new PKCS9Attribute(PKCS9Attribute.MESSAGE_DIGEST_OID, md.digest(data)),
});

// test PKCS9Attributes.toString(), PKCS9Attributes.getAttributes()
System.out.println(authed);
authed.getAttributes();
Copy link
Contributor

@wangweij wangweij Nov 17, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like the old getAttributes() would only throw NPE if one of the attribute is of a type after PKCS9_OIDS[10].

Copy link
Contributor Author

@coffeys coffeys Nov 17, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes - its also bounded by the "attribs.length" check. I initially thought I'd have to build an PKCS9Attributes Object consisting of 10/11+ PKCS9Attribute Objects. That didn't seem feasible since many are not supported.

but on re-read, yes, all I need to do is stick in an OID > PKCS9_OIDS[10] - I'll update the testcase.

@openjdk
Copy link

@openjdk openjdk bot commented Nov 17, 2021

@coffeys This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8277224: sun.security.pkcs.PKCS9Attributes.toString() throws NPE

Reviewed-by: weijun

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 11 new commits pushed to the master branch:

  • 9f2f46e: 8275037: Test vmTestbase/nsk/sysdict/vm/stress/btree/btree011/btree011.java crashes with memory exhaustion on Windows
  • 2af9e59: 8276139: TestJpsHostName.java not reliable, better to expand HostIdentifierCreate.java test
  • e9934e1: 8277221: G1: Remove methods without implementations in G1CollectedHeap
  • 9aa30de: 8275317: AArch64: Support some type conversion vectorization in SLP
  • 08f65a5: 8277313: Validate header failed for test/jdk/java/net/httpclient/HeadTest.java
  • 23e5117: 8276559: (httpclient) Consider adding an HttpRequest.Builder.HEAD method to build a HEAD request.
  • a77d8dd: 8276787: Improve warning messages for -XX:+RecordDynamicDumpInfo
  • 8ed384c: 8276609: Document setting property jdk.serialFilter to an invalid value throws ExceptionInInitializerError
  • cddc6ce: 8275811: Incorrect instance to dispose
  • b0a463f: 8169468: NoResizeEventOnDMChangeTest.java fails because FS Window didn't receive all resizes!
  • ... and 1 more: https://git.openjdk.java.net/jdk/compare/d5e47d6b84514edde23a8baff8c2274e5b3ca6bb...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

@openjdk openjdk bot added the ready label Nov 17, 2021
@coffeys
Copy link
Contributor Author

@coffeys coffeys commented Nov 17, 2021

/integrate

@openjdk
Copy link

@openjdk openjdk bot commented Nov 17, 2021

Going to push as commit 6bb0462.
Since your change was applied there have been 18 commits pushed to the master branch:

  • d8c0280: 8277316: ciReplay: dump_replay_data is not thread-safe
  • 007ad7c: 8277303: Terminology mismatch between JLS17-3.9 and SE17's javax.lang.model.SourceVersion method specs
  • 8881f29: 8277310: ciReplay: @CPI MethodHandle references not resolved
  • 262d070: 8277246: Check for NonRepudiation as well when validating a TSA certificate
  • a907b2b: 8276177: nsk/jvmti/RedefineClasses/StressRedefineWithoutBytecodeCorruption failed with "assert(def_ik->is_being_redefined()) failed: should be being redefined to get here"
  • b687664: 8277159: Fix java/nio/file/FileStore/Basic.java test by ignoring /run/user/* mount points
  • 8f5a8f7: 8264293: Create implementation for NSAccessibilityMenu protocol peer
  • 9f2f46e: 8275037: Test vmTestbase/nsk/sysdict/vm/stress/btree/btree011/btree011.java crashes with memory exhaustion on Windows
  • 2af9e59: 8276139: TestJpsHostName.java not reliable, better to expand HostIdentifierCreate.java test
  • e9934e1: 8277221: G1: Remove methods without implementations in G1CollectedHeap
  • ... and 8 more: https://git.openjdk.java.net/jdk/compare/d5e47d6b84514edde23a8baff8c2274e5b3ca6bb...master

Your commit was automatically rebased without conflicts.

@openjdk openjdk bot closed this Nov 17, 2021
@openjdk openjdk bot added integrated and removed ready rfr labels Nov 17, 2021
@openjdk
Copy link

@openjdk openjdk bot commented Nov 17, 2021

@coffeys Pushed as commit 6bb0462.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
integrated security
2 participants