Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8217344

Make comparison overflow-aware in ECDHKeyAgreement.engineGenerateSecret()

    Details

    • Subcomponent:
    • Resolved In Build:
      b05
    • Verification:
      Not verified

      Backports

        Description

        This is analogous to what was done in XDHKeyAgreement::engineGenerateSecret via JDK-8201317.

        - if (offset + secretLen > sharedSecret.length) {
        + if (secretLen > sharedSecret.length - offset) {

          Attachments

            Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8225728 Make comparison overflow-aware in ECDHKeyAgreement.engineGenerateSecret()

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

              Activity

                People

                • Assignee:
                  igerasim Ivan Gerasimov (Inactive)
                  Reporter:
                  igerasim Ivan Gerasimov (Inactive)
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: