1berry/openjdk
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

8315042: NPE in PKCS7.parseOldSignedData

Browse Source 
Reviewed-by: valeriep, weijun
This commit is contained in:
Mark Powers 2023-10-04 00:23:42 +00:00 committed by Valerie Peng
parent f7deaf4bef
commit 8c0d026d0f
2 changed files with 29 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/java.base/share/classes/sun/security/pkcs/PKCS7.java
View File

@ -152,6 +152,10 @@ public class PKCS7 {
ObjectIdentifier contentType = block.contentType; ObjectIdentifier contentType = block.contentType;
DerValue content = block.getContent(); DerValue content = block.getContent();
if (content == null) {
throw new ParsingException("content is null");
}
if (contentType.equals(ContentInfo.SIGNED_DATA_OID)) { if (contentType.equals(ContentInfo.SIGNED_DATA_OID)) {
parseSignedData(content); parseSignedData(content);
} else if (contentType.equals(ContentInfo.OLD_SIGNED_DATA_OID)) { } else if (contentType.equals(ContentInfo.OLD_SIGNED_DATA_OID)) {

63
test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -23,56 +23,43 @@
/* /*
* @test * @test
* @bug 5052433 * @bug 5052433 8315042
* @summary NullPointerException for generateCRL and generateCRLs methods. * @summary Verify that generateCRL and generateCRLs methods do not throw
* NullPointerException. They should throw CRLException instead.
* @library /test/lib
*/ */
import java.security.NoSuchProviderException; import java.security.NoSuchProviderException;
import java.security.cert.*; import java.security.cert.*;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.util.Base64;
import jdk.test.lib.Utils;
public class UnexpectedNPE { public class UnexpectedNPE {
CertificateFactory cf = null ; static CertificateFactory cf = null;
public UnexpectedNPE() {} public static void main(String[] av ) throws CertificateException,
NoSuchProviderException {
public static void main( String[] av ) {
byte[] encoded_1 = { 0x00, 0x00, 0x00, 0x00 }; byte[] encoded_1 = { 0x00, 0x00, 0x00, 0x00 };
byte[] encoded_2 = { 0x30, 0x01, 0x00, 0x00 }; byte[] encoded_2 = { 0x30, 0x01, 0x00, 0x00 };
byte[] encoded_3 = { 0x30, 0x01, 0x00 }; byte[] encoded_3 = { 0x30, 0x01, 0x00 };
byte[] encoded_4 = Base64.getDecoder().decode(
"MAsGCSqGSMP7TQEHAjI1Bgn///////8wCwUyAQ==");
UnexpectedNPE unpe = new UnexpectedNPE() ; cf = CertificateFactory.getInstance("X.509", "SUN");
if(!unpe.run(encoded_1)) { run(encoded_1);
throw new SecurityException("CRLException has not been thrown"); run(encoded_2);
} run(encoded_3);
run(encoded_4);
if(!unpe.run(encoded_2)) {
throw new SecurityException("CRLException has not been thrown");
}
if(!unpe.run(encoded_2)) {
throw new SecurityException("CRLException has not been thrown");
}
} }
private boolean run(byte[] buf) { private static void run(byte[] buf) {
if (cf == null) { Utils.runAndCheckException(
try { () -> cf.generateCRL(new ByteArrayInputStream(buf)),
cf = CertificateFactory.getInstance("X.509", "SUN"); CRLException.class);
} catch (CertificateException e) { Utils.runAndCheckException(
throw new SecurityException("Cannot get CertificateFactory"); () -> cf.generateCRLs(new ByteArrayInputStream(buf)),
} catch (NoSuchProviderException npe) { CRLException.class);
throw new SecurityException("Cannot get CertificateFactory");
}
}
try {
cf.generateCRL(new ByteArrayInputStream(buf));
} catch (CRLException ce) {
System.out.println("NPE checking passed");
return true;
}
System.out.println("CRLException has not been thrown");
return false;
} }
} }