Details
-
Type:
Enhancement
-
Status: Resolved
-
Priority:
P4
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 16
-
Component/s: security-libs
-
Labels:
-
Subcomponent:
-
Resolved In Build:b18
-
OS:windows
Description
In gss_compare_name(), there is [1]:
if (l1 < l2 && l1 != r2
|| l2 < l1 && l2 != l1) {
return GSS_S_COMPLETE; // different
}
If one name is "user@R" and the other is "user1". This check fails fast when one "user" and "user1" already have different length.
The comparison should be symmetric and the last check should be l2 != r1.
This bug is reported at [2].
[1] https://github.com/openjdk/jdk/blob/51d5164ca2b4801c14466e8d1420ecf27cb7615f/src/java.security.jgss/windows/native/libsspi_bridge/sspi.cpp#L467
[2] http://mail.openjdk.java.net/pipermail/security-dev/2020-September/022643.html
if (l1 < l2 && l1 != r2
|| l2 < l1 && l2 != l1) {
return GSS_S_COMPLETE; // different
}
If one name is "user@R" and the other is "user1". This check fails fast when one "user" and "user1" already have different length.
The comparison should be symmetric and the last check should be l2 != r1.
This bug is reported at [2].
[1] https://github.com/openjdk/jdk/blob/51d5164ca2b4801c14466e8d1420ecf27cb7615f/src/java.security.jgss/windows/native/libsspi_bridge/sspi.cpp#L467
[2] http://mail.openjdk.java.net/pipermail/security-dev/2020-September/022643.html
