-
Bug
-
Resolution: Fixed
-
P4
-
8, 11, 17, 21, 22
-
b06
-
generic
-
generic
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8318544 | 21.0.2 | Aleksey Shipilev | P4 | Resolved | Fixed | b05 |
JDK-8322402 | 17.0.11 | Aleksey Shipilev | P4 | Resolved | Fixed | b01 |
A fuzzed server hello message causes an NPE during handshake:
Exception in thread "main" java.lang.NullPointerException: Cannot read field "isAvailable" because "cct" is null
at java.base/sun.security.ssl.CertificateRequest$ClientCertificateType.getKeyTypes(CertificateRequest.java:138)
at java.base/sun.security.ssl.CertificateRequest$T12CertificateRequestMessage.getKeyTypes(CertificateRequest.java:518)
at java.base/sun.security.ssl.CertificateRequest$T12CertificateRequestConsumer.choosePossession(CertificateRequest.java:756)
at java.base/sun.security.ssl.CertificateRequest$T12CertificateRequestConsumer.consume(CertificateRequest.java:733)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1273)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1260)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:712)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1205)
at SSLEngineClientReadFile.runDelegatedTasks(SSLEngineClientReadFile.java:121)
at SSLEngineClientReadFile.runDemo(SSLEngineClientReadFile.java:94)
at SSLEngineClientReadFile.main(SSLEngineClientReadFile.java:45)
Exception in thread "main" java.lang.NullPointerException: Cannot read field "isAvailable" because "cct" is null
at java.base/sun.security.ssl.CertificateRequest$ClientCertificateType.getKeyTypes(CertificateRequest.java:138)
at java.base/sun.security.ssl.CertificateRequest$T12CertificateRequestMessage.getKeyTypes(CertificateRequest.java:518)
at java.base/sun.security.ssl.CertificateRequest$T12CertificateRequestConsumer.choosePossession(CertificateRequest.java:756)
at java.base/sun.security.ssl.CertificateRequest$T12CertificateRequestConsumer.consume(CertificateRequest.java:733)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1273)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1260)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:712)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1205)
at SSLEngineClientReadFile.runDelegatedTasks(SSLEngineClientReadFile.java:121)
at SSLEngineClientReadFile.runDemo(SSLEngineClientReadFile.java:94)
at SSLEngineClientReadFile.main(SSLEngineClientReadFile.java:45)
- backported by
-
JDK-8318544 SSLEngine throws NPE parsing CertificateRequests
- Resolved
-
JDK-8322402 SSLEngine throws NPE parsing CertificateRequests
- Resolved
- relates to
-
JDK-8196584 TLS 1.3 Implementation
- Resolved
- links to
-
Commit openjdk/jdk17u-dev/a0321366
-
Commit openjdk/jdk21u/7b4ab285
-
Commit openjdk/jdk/5667afc3
-
Review openjdk/jdk17u-dev/2046
-
Review openjdk/jdk21u/257
-
Review openjdk/jdk/14778
(4 links to)