OID-big
# HG changeset patch
# User weijun
# Date 1237523025 -28800
# Node ID 4bd791a3b5e05f812479a222ffad1cf80af78321
# Parent 9bbfd5bbae1ee187dd220e221e9164f32cf6bdf3
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
Reviewed-by: nobody
--- a/src/share/classes/sun/security/util/ObjectIdentifier.java Fri Mar 20 12:23:43 2009 +0800
+++ b/src/share/classes/sun/security/util/ObjectIdentifier.java Fri Mar 20 12:23:45 2009 +0800
@@ -312,7 +312,7 @@
/*
* Tricky OID component parsing technique ... note that one bit
- * per octet is lost, this returns at most 28 bits of component.
+ * per octet is lost, this returns at most 31 bits of component.
* Also, notice this parses in big-endian format.
*/
private static int getComponent (DerInputStream in)
@@ -320,7 +320,12 @@
{
int retval, i, tmp;
- for (i = 0, retval = 0; i < 4; i++) {
+ for (i = 0, retval = 0; i < 5; i++) {
+ // Since we can only deal with 31 bits of component now, make sure
+ // it's still within 24 bits before <<= 7.
+ if ((retval & 0xff000000) != 0) {
+ throw new IOException ("ObjectIdentifier() -- component value too big");
+ }
retval <<= 7;
tmp = in.getByte ();
retval |= (tmp & 0x07f);
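Review bot: The widened loop in getComponent still appears to accept a sub-identifier whose first octet is 0x80, so with five octets allowed there are more padded encodings that decode to the same value as the minimal one, unless that case is rejected in the part of the loop body outside this hunk. X.690 forbids a leading 0x80 octet in a sub-identifier, and code that compares or matches OIDs on their encoded bytes can disagree with code that compares the parsed value. Consider adding, right after `tmp = in.getByte ();` and assuming getByte returns the octet as an unsigned int, `if (i == 0 && tmp == 0x80) throw new IOException ("ObjectIdentifier() -- sub-identifier not minimally encoded");`. The comment on the new guard would also read more clearly as `// retval must still fit in 24 bits so that the shift below stays within 31 bits`.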
@@ -340,11 +345,9 @@
throws IOException
{
int i;
- // TODO: val must be <128*128*128*128 here, otherwise, 4 bytes is not
- // enough to hold it. Will address this later.
- byte buf [] = new byte [4] ;
-
- for (i = 0; i < 4; i++) {
+ byte buf [] = new byte [5] ;
+
+ for (i = 0; i < 5; i++) {
buf [i] = (byte) (val & 0x07f);
val >>>= 7;
if (val == 0)
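Review bot: putComponent now has room to emit all 32 bits of `val`, and because the loop uses `>>>=` a negative `val` would be written as a five-octet value of 2^31 or more, which the getComponent guard added in this same commit refuses to read back. If `val` is an int and callers do not already exclude negative components (neither is visible in this hunk), add a guard before the buffer is allocated: `if (val < 0) throw new IOException ("ObjectIdentifier() -- component value must be non-negative");`. The removed TODO could be replaced by a short comment such as `// five 7-bit octets cover every non-negative int`. The method body starts and ends outside the hunk.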
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/util/Oid/HugeOid.java Fri Mar 20 12:23:45 2009 +0800
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @author Weijun Wang
+ * @bug 4811968
+ * @summary ASN.1 cannot handle huge OID components
+ */
+
+import sun.security.util.*;
+
+// ATTENTION: This is a temporary test to make sure the partial fix to 4811968
+// will not bring error. After the bug is fully fixed, this test should be
+// removed.
+
+public class HugeOid {
+ public static void main(String[] args) throws Exception {
+ int failure = 0;
+
+ // OID 1.2.2^31-1, we support this now
+ byte[] bb = new byte[] {0x06, 0x06, 0x2A, (byte)0x87, (byte)0xff, (byte)0xff, (byte)0xff, 0x7f};
+ new ObjectIdentifier(new DerInputStream(bb));
+
+ // OID 1.2.2^31, still not supported
+ bb = new byte[] {0x06, 0x06, 0x2A, (byte)0x88, (byte)0x80, (byte)0x80, (byte)0x80, 0x00};
+ try {
+ new ObjectIdentifier(new DerInputStream(bb));
+ } catch (Exception e) {
+ failure++;
+ }
+
+ // In fact, the above OID should have already been rejected by the old
+ // implementation since 2^31 is negative. Here's another one:
+ // OID 1.2.2^32, this one is not negative (it's 0 in 32 bit)
+ bb = new byte[] {0x06, 0x06, 0x2A, (byte)0x90, (byte)0x80, (byte)0x80, (byte)0x80, 0x00};
+ try {
+ new ObjectIdentifier(new DerInputStream(bb));
+ } catch (Exception e) {
+ failure++;;
+ }
+
+ if (failure != 2) {
+ throw new Exception("Test failed");
+ }
+ }
+}
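Review bot: Both negative cases in HugeOid.main catch `Exception`, so the test passes on any failure, including one unrelated to the component-size check, and the positive case never inspects the decoded value. Narrow the handlers to `catch (IOException e)` (adding `import java.io.IOException;`) and compare the first OID's `toString()` with `"1.2.2147483647"` so that a silently truncated component is caught. The counter named `failure` actually counts expected rejections, so a name like `rejected` would read better, and `failure++;;` carries a stray semicolon.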
--- a/test/sun/security/util/Oid/OidFormat.java Fri Mar 20 12:23:43 2009 +0800
+++ b/test/sun/security/util/Oid/OidFormat.java Fri Mar 20 12:23:45 2009 +0800
@@ -64,8 +64,8 @@
"1.3.6.1.4.1.42.2.17",
// 4811968: ASN.1 cannot handle huge OID components
//"2.16.764.1.3101555394.1.0.100.2.1",
- //"1.2.2147483647.4",
- //"1.2.268435456.4",
+ "1.2.2147483647.4",
+ "1.2.268435456.4",
};
for (String s: goodOids) {