packages/openjdk-1.8.0
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openjdk-1.8.0/8151788.patch
jdkboy 78c7e428f6 delete redundant info
2020-03-21 11:30:48 +08:00

94 lines
3.8 KiB
Diff
Raw Blame History

From bf24abe7a9499638a43dfd03fecfbfb763430a63 Mon Sep 17 00:00:00 2001
Date: Thu, 27 Jun 2019 11:24:39 +0000
Subject: [PATCH] Backport of JDK-8151788
summary: NullPointerException from ntlm.Client.type3
LLT:
Bug url: https://bugs.openjdk.java.net/browse/JDK-8151788
---
.../classes/com/sun/security/ntlm/NTLM.java | 2 +-
.../www/protocol/http/NULLTargetInfoTest.java | 58 +++++++++++++++++++
2 files changed, 59 insertions(+), 1 deletion(-)
create mode 100644 jdk/test/sun/net/www/protocol/http/NULLTargetInfoTest.java
diff --git a/jdk/src/share/classes/com/sun/security/ntlm/NTLM.java b/jdk/src/share/classes/com/sun/security/ntlm/NTLM.java
index da18e2199a..249cd226c4 100644
--- a/jdk/src/share/classes/com/sun/security/ntlm/NTLM.java
+++ b/jdk/src/share/classes/com/sun/security/ntlm/NTLM.java
@@ -167,7 +167,7 @@ class NTLM {
byte[] readSecurityBuffer(int offset) throws NTLMException {
int pos = readInt(offset+4);
- if (pos == 0) return null;
+ if (pos == 0) return new byte[0];
try {
return Arrays.copyOfRange(
internal, pos, pos + readShort(offset));
diff --git a/jdk/test/sun/net/www/protocol/http/NULLTargetInfoTest.java b/jdk/test/sun/net/www/protocol/http/NULLTargetInfoTest.java
new file mode 100644
index 0000000000..d8e88554f8
--- /dev/null
+++ b/jdk/test/sun/net/www/protocol/http/NULLTargetInfoTest.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8151788
+ * @summary NullPointerException from ntlm.Client.type3
+ * @modules java.base/com.sun.security.ntlm
+ * @run main NULLTargetInfoTest
+ */
+import com.sun.security.ntlm.Client;
+
+public class NULLTargetInfoTest {
+
+ public static void main(String[] args) throws Exception {
+ Client c = new Client(null, "host", "user", "domain", "pass".toCharArray());
+ c.type1();
+ // this input does have the 0x800000 bit(NTLMSSP_NEGOTIATE_TARGET_INFO) set
+ // but after offset 40 all eight bytes are all zero which means there is no
+ // security buffer for target info.
+ byte[] type2 = hex(
+ "4E 54 4C 4D 53 53 50 00 02 00 00 00 00 00 00 00"
+ + "00 00 00 00 05 82 89 00 0B 87 81 B6 2D 6E 8B C1"
+ + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
+ byte[] nonce = new byte[10];
+ c.type3(type2, nonce);
+ }
+
+ private static byte[] hex(String str) {
+ str = str.replaceAll("\\s", "");
+ byte[] response = new byte[str.length() / 2];
+ int index = 0;
+ for (int i = 0; i < str.length(); i += 2) {
+ response[index++] = Integer.valueOf(str.substring(i, i + 2), 16).byteValue();
+ }
+ return response;
+ }
+}
--
2.19.0-rc1
Reference in New Issue View Git Blame Copy Permalink