8182387: Improve PKCS usage
authorapetcher
Fri, 28 Jul 2017 18:20:43 +0000
changeset 48569 950cb68f9d82
parent 48568 0255315ac8d4
child 48570 9baae459d58e
8182387: Improve PKCS usage Reviewed-by: valeriep
src/java.base/share/classes/sun/security/util/DerValue.java
--- a/src/java.base/share/classes/sun/security/util/DerValue.java	Sun Jul 23 10:33:13 2017 +0530
+++ b/src/java.base/share/classes/sun/security/util/DerValue.java	Fri Jul 28 18:20:43 2017 +0000
@@ -490,20 +490,27 @@
      * @return the octet string held in this DER value
      */
     public byte[] getOctetString() throws IOException {
-        byte[] bytes;
 
         if (tag != tag_OctetString && !isConstructed(tag_OctetString)) {
             throw new IOException(
                 "DerValue.getOctetString, not an Octet String: " + tag);
         }
-        bytes = new byte[length];
-        // Note: do not tempt to call buffer.read(bytes) at all. There's a
+        // Note: do not attempt to call buffer.read(bytes) at all. There's a
         // known bug that it returns -1 instead of 0.
         if (length == 0) {
-            return bytes;
+            return new byte[0];
         }
-        if (buffer.read(bytes) != length)
+
+        // Only allocate the array if there are enough bytes available.
+        // This only works for ByteArrayInputStream.
+        // The assignment below ensures that buffer has the required type.
+        ByteArrayInputStream arrayInput = buffer;
+        if (arrayInput.available() < length) {
             throw new IOException("short read on DerValue buffer");
+        }
+        byte[] bytes = new byte[length];
+        arrayInput.read(bytes);
+
         if (isConstructed()) {
             DerInputStream in = new DerInputStream(bytes, 0, bytes.length,
                 buffer.allowBER);