8163251: Hard coded loop limit prevents reading of smart card data gr…

…eater than 8k Reviewed-by: valeriep, rriggs
openjdk · Feb 18, 2020 · 8aff5bda80c112cc3a758239cb90ddc459b8c673 · 8aff5bd
1 parent 5d9c59f
commit 8aff5bda80c112cc3a758239cb90ddc459b8c673
Unified Split

Showing with 5 additions and 3 deletions.

+5 −3 src/java.smartcardio/share/classes/sun/security/smartcardio/ChannelImpl.java
diff --git a/src/java.smartcardio/share/classes/sun/security/smartcardio/ChannelImpl.java b/src/java.smartcardio/share/classes/sun/security/smartcardio/ChannelImpl.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2020, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -150,6 +150,7 @@ private static boolean getBooleanProperty(String name, boolean def) {
         return res;
     }
 
+    private final static int RESPONSE_ITERATIONS = 256;
     private final static byte[] B0 = new byte[0];
 
     private byte[] doTransmit(byte[] command) throws CardException {
@@ -182,8 +183,9 @@ private static boolean getBooleanProperty(String name, boolean def) {
             int k = 0;
             byte[] result = B0;
             while (true) {
-                if (++k >= 32) {
-                    throw new CardException("Could not obtain response");
+                if (++k > RESPONSE_ITERATIONS) {
+                    throw new CardException("Number of response iterations" +
+                            " exceeded maximum " + RESPONSE_ITERATIONS);
                 }
                 byte[] response = SCardTransmit
                     (card.cardId, card.protocol, command, 0, n);