8168705: Better ObjectIdentifier validation
Reviewed-by: mullan, asmotrak, ahgross
--- a/jdk/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java Thu Nov 17 16:59:18 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java Thu Nov 17 09:51:10 2016 -0800
@@ -255,7 +255,13 @@
+ " (tag = " + type_id + ")"
);
- encoding = new byte[in.getDefiniteLength()];
+ int len = in.getDefiniteLength();
+ if (len > in.available()) {
+ throw new IOException("ObjectIdentifier() -- length exceeds" +
+ "data available. Length: " + len + ", Available: " +
+ in.available());
+ }
+ encoding = new byte[len];
in.getBytes(encoding);
check(encoding);
}
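Review bot: The new IOException message is missing a space between its first two string pieces, so it renders as "length exceedsdata available"; the first piece should end with a space, as in `throw new IOException("ObjectIdentifier() -- length exceeds " +`. The bound check itself sits in the right place, before `new byte[len]`, so a declared length is never used to size the array unless the stream reports at least that many bytes. A short why-comment above the `if` would keep a later refactor from moving the allocation back up, for example `// Validate the declared length against the remaining input before allocating.` `in.available()` is also called twice; reading it into a local once would guarantee that the value compared and the value reported are the same. The enclosing constructor begins outside this hunk, so how `in` is positioned on entry is not visible here.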