Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8253829

Wrong length compared in SSPI bridge

    Details

      Description

      In gss_compare_name(), there is [1]:

          if (l1 < l2 && l1 != r2
                  || l2 < l1 && l2 != l1) {
              return GSS_S_COMPLETE; // different
          }

      If one name is "user@R" and the other is "user1". This check fails fast when one "user" and "user1" already have different length.

      The comparison should be symmetric and the last check should be l2 != r1.

      This bug is reported at [2].

      [1] https://github.com/openjdk/jdk/blob/51d5164ca2b4801c14466e8d1420ecf27cb7615f/src/java.security.jgss/windows/native/libsspi_bridge/sspi.cpp#L467
      [2] http://mail.openjdk.java.net/pipermail/security-dev/2020-September/022643.html

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                weijun Weijun Wang
                Reporter:
                weijun Weijun Wang
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: