diff options
Diffstat (limited to 'java/openjdk6/files/icedtea/openjdk/8021290-signature_validation.patch')
-rw-r--r-- | java/openjdk6/files/icedtea/openjdk/8021290-signature_validation.patch | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/java/openjdk6/files/icedtea/openjdk/8021290-signature_validation.patch b/java/openjdk6/files/icedtea/openjdk/8021290-signature_validation.patch new file mode 100644 index 000000000000..1cb588fecc68 --- /dev/null +++ b/java/openjdk6/files/icedtea/openjdk/8021290-signature_validation.patch @@ -0,0 +1,55 @@ +# HG changeset patch +# User mullan +# Date 1375219222 14400 +# Tue Jul 30 17:20:22 2013 -0400 +# Node ID 3e758b40337ef9da5ad030d0ac60ab4407357277 +# Parent 5e3c766d18092d498d9019827c1058a32f1c4e2a +8021290: Better signature validation +Reviewed-by: xuelei, ahgross + +diff -r 5e3c766d1809 -r 3e758b40337e src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java +--- jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java Fri Oct 15 10:55:59 2010 -0400 ++++ jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/UnsyncByteArrayOutputStream.java Tue Jul 30 17:20:22 2013 -0400 +@@ -44,6 +44,9 @@ + } + + public void write(byte[] arg0) { ++ if ((Integer.MAX_VALUE - pos) < arg0.length) { ++ throw new OutOfMemoryError(); ++ } + int newPos = pos + arg0.length; + if (newPos > size) { + expandSize(newPos); +@@ -53,6 +56,9 @@ + } + + public void write(byte[] arg0, int arg1, int arg2) { ++ if ((Integer.MAX_VALUE - pos) < arg2) { ++ throw new OutOfMemoryError(); ++ } + int newPos = pos + arg2; + if (newPos > size) { + expandSize(newPos); +@@ -62,6 +68,9 @@ + } + + public void write(int arg0) { ++ if ((Integer.MAX_VALUE - pos) == 0) { ++ throw new OutOfMemoryError(); ++ } + int newPos = pos + 1; + if (newPos > size) { + expandSize(newPos); +@@ -82,7 +91,11 @@ + private void expandSize(int newPos) { + int newSize = size; + while (newPos > newSize) { +- newSize = newSize<<2; ++ newSize = newSize << 1; ++ // Deal with overflow ++ if (newSize < 0) { ++ newSize = Integer.MAX_VALUE; ++ } + } + byte newBuf[] = new byte[newSize]; + System.arraycopy(buf, 0, newBuf, 0, pos); |