8038908: Make Signature more robust
authormullan
Tue, 27 May 2014 08:56:59 -0400
changeset 27077 c943ca4a3380
parent 27076 baf0d59c923c
child 27078 39275d6a8cac
8038908: Make Signature more robust Reviewed-by: valeriep, skoivu, asmotrak
jdk/src/java.base/share/classes/java/security/Signature.java
--- a/jdk/src/java.base/share/classes/java/security/Signature.java	Fri May 23 10:56:42 2014 +0400
+++ b/jdk/src/java.base/share/classes/java/security/Signature.java	Tue May 27 08:56:59 2014 -0400
@@ -604,9 +604,13 @@
      * @return the number of bytes placed into {@code outbuf}.
      *
      * @exception SignatureException if this signature object is not
-     * initialized properly, if this signature algorithm is unable to
-     * process the input data provided, or if {@code len} is less
-     * than the actual signature length.
+     *     initialized properly, if this signature algorithm is unable to
+     *     process the input data provided, or if {@code len} is less
+     *     than the actual signature length.
+     * @exception IllegalArgumentException if {@code outbuf} is {@code null},
+     *     or {@code offset} or {@code len} is less than 0, or the sum of
+     *     {@code offset} and {@code len} is greater than the length of
+     *     {@code outbuf}.
      *
      * @since 1.2
      */
@@ -615,6 +619,9 @@
         if (outbuf == null) {
             throw new IllegalArgumentException("No output buffer given");
         }
+        if (offset < 0 || len < 0) {
+            throw new IllegalArgumentException("offset or len is less than 0");
+        }
         if (outbuf.length - offset < len) {
             throw new IllegalArgumentException
                 ("Output buffer too small for specified offset and length");
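Review bot: The bounds comparison `outbuf.length - offset < len` is only correct because the new `offset < 0 || len < 0` guard runs before it, and nothing in the code records that dependency. With both values non-negative the subtraction cannot wrap, whereas the more natural-looking `offset + len > outbuf.length` would wrap for large inputs and accept a range that lies outside the buffer. I would add a one-line comment above the comparison, `// offset and len are non-negative here, so the subtraction cannot overflow; do not rewrite as offset + len`. The same comment belongs on the matching comparisons this change adds in verify and update. The enclosing method starts and ends outside the hunk.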
@@ -683,9 +690,16 @@
     public final boolean verify(byte[] signature, int offset, int length)
         throws SignatureException {
         if (state == VERIFY) {
-            if ((signature == null) || (offset < 0) || (length < 0) ||
-                (length > signature.length - offset)) {
-                throw new IllegalArgumentException("Bad arguments");
+            if (signature == null) {
+                throw new IllegalArgumentException("signature is null");
+            }
+            if (offset < 0 || length < 0) {
+                throw new IllegalArgumentException
+                    ("offset or length is less than 0");
+            }
+            if (signature.length - offset < length) {
+                throw new IllegalArgumentException
+                    ("signature too small for specified offset and length");
             }
 
             return engineVerify(signature, offset, length);
@@ -733,11 +747,25 @@
      * @param len the number of bytes to use, starting at offset.
      *
      * @exception SignatureException if this signature object is not
-     * initialized properly.
+     *     initialized properly.
+     * @exception IllegalArgumentException if {@code data} is {@code null},
+     *     or {@code off} or {@code len} is less than 0, or the sum of
+     *     {@code off} and {@code len} is greater than the length of
+     *     {@code data}.
      */
     public final void update(byte[] data, int off, int len)
             throws SignatureException {
         if (state == SIGN || state == VERIFY) {
+            if (data == null) {
+                throw new IllegalArgumentException("data is null");
+            }
+            if (off < 0 || len < 0) {
+                throw new IllegalArgumentException("off or len is less than 0");
+            }
+            if (data.length - off < len) {
+                throw new IllegalArgumentException
+                    ("data too small for specified offset and length");
+            }
             engineUpdate(data, off, len);
         } else {
             throw new SignatureException("object not initialized for "
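Review bot: The new `@exception IllegalArgumentException` text reads as unconditional, but the argument checks sit inside `if (state == SIGN || state == VERIFY)`, so on an object that has not been initialized a null `data` or a negative `off` yields SignatureException instead. The Javadoc should state that precedence, for example by ending the new tag with `(checked only once this object has been initialized for signing or verification)`. Alternatively, the three checks could move above the state test if argument errors are meant to take priority. verify has the same shape, with its checks inside `if (state == VERIFY)`; its Javadoc is not part of the hunk, so it may need the same wording. The body of update continues past the end of the hunk.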