8217344: Make comparison overflow-aware in ECDHKeyAgreement.engineGenerateSecret()
Reviewed-by: apetcher
--- a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java Fri Jan 18 18:21:50 2019 -0500
+++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java Fri Jan 18 15:44:17 2019 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2009, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -178,7 +178,7 @@
@Override
protected int engineGenerateSecret(byte[] sharedSecret, int
offset) throws IllegalStateException, ShortBufferException {
- if (offset + secretLen > sharedSecret.length) {
+ if (secretLen > sharedSecret.length - offset) {
throw new ShortBufferException("Need " + secretLen
+ " bytes, only " + (sharedSecret.length - offset)
+ " available");
--- a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java Fri Jan 18 18:21:50 2019 -0500
+++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java Fri Jan 18 15:44:17 2019 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2009, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -163,7 +163,7 @@
if (len <= 0) {
return;
}
- if (offset + len >= precomputedDigest.length) {
+ if (len >= precomputedDigest.length - offset) {
offset = RAW_ECDSA_MAX + 1;
return;
}