- Bug
- Resolution: Fixed
- P5
- 7
- None
- b25
- generic
- generic
KDC-REQ is defined as

     * KDC-REQ ::= SEQUENCE {
     *     -- NOTE: first tag is [1], not [0]
     *     pvno [1] INTEGER (5) ,
     *     msg-type [2] INTEGER (10 -- AS -- | 12 -- TGS --),
     *     padata [3] SEQUENCE OF PA-DATA OPTIONAL
     *         -- NOTE: not empty --,
     *     req-body [4] KDC-REQ-BODY
     * }

However, in sun.security.krb5.internal.KDCReq.init(DerValue encoding, int req_type), we have

    ...
    147   subDer = der.getData().getDerValue();
          if ((subDer.getTag() & 0x01F) == 0x03) {
              ... // Parsing padata
          } else {
              pAData = null;
          }
    164   subDer = der.getData().getDerValue();
          if ((subDer.getTag() & 0x01F) == 0x04) {
              ... // Parsing req-body

Here, if padata is missing (it is marked as OPTIONAL in the definition), the subDer read at line 147 is already req-body, so the read on line 164 is redundant and would fail.

The priority is marked as 5-Very Low because the JDK is not used for writing a KDC, so this method might never be used.
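The control flow described above, modelled in Python as an added example (not the JDK source and not the fix that was committed). The helper names, the minimal TLV reader and the sample bytes are all constructed for illustration, and the parsers work on the contents of the KDC-REQ SEQUENCE with the outer wrappers already stripped.

```python
def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element at buf[pos].
    Single-byte tags and short-form lengths only (enough for the samples)."""
    if pos + 2 > len(buf):
        raise ValueError(f"no DER element at offset {pos}")
    tag, length = buf[pos], buf[pos + 1]
    if length & 0x80 or pos + 2 + length > len(buf):
        raise ValueError(f"unsupported or truncated length at offset {pos}")
    return tag, buf[pos + 2:pos + 2 + length], pos + 2 + length

def tlv(tag, value):
    """Encode one short-form TLV; used only to build the constructed samples."""
    return bytes([tag, len(value)]) + value

def read_header(body):
    """Consume pvno [1] and msg-type [2]; return the offset of the next field."""
    pos = 0
    for expected in (0x01, 0x02):
        tag, _, pos = read_tlv(body, pos)
        if (tag & 0x1F) != expected:
            raise ValueError(f"expected context tag [{expected}]")
    return pos

def parse_as_reported(body):
    """Same control flow as the excerpt: req-body is always a fresh read."""
    tag, value, pos = read_tlv(body, read_header(body))   # "line 147"
    padata = value if (tag & 0x1F) == 0x03 else None
    tag, value, pos = read_tlv(body, pos)                 # "line 164"
    if (tag & 0x1F) != 0x04:
        raise ValueError("req-body [4] missing")
    return padata, value

def parse_optional_aware(body):
    """Advance to a new element only when padata [3] was actually consumed."""
    tag, value, pos = read_tlv(body, read_header(body))
    padata = None
    if (tag & 0x1F) == 0x03:
        padata = value
        tag, value, pos = read_tlv(body, pos)
    if (tag & 0x1F) != 0x04:
        raise ValueError("req-body [4] missing")
    return padata, value

# Constructed sample fields (placeholder contents, not a real AS-REQ).
PVNO, MSG_TYPE = tlv(0xA1, tlv(0x02, b"\x05")), tlv(0xA2, tlv(0x02, b"\x0a"))
PADATA, REQ_BODY = tlv(0xA3, tlv(0x30, tlv(0x30, b""))), tlv(0xA4, tlv(0x30, b""))
WITH_PADATA = PVNO + MSG_TYPE + PADATA + REQ_BODY
WITHOUT_PADATA = PVNO + MSG_TYPE + REQ_BODY
```

Both parsers agree on `WITH_PADATA`; on `WITHOUT_PADATA` the first one runs off the end of the buffer because req-body was already consumed by the read that was looking for padata.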