changeset 54885:fedc89081b57

8215790: Delegated task created by SSLEngine throws java.nio.BufferUnderflowException Reviewed-by: jnimeh
author ascarpino
date Tue, 12 Feb 2019 14:08:07 -0800
parents cb1642ccc732
children 81767abf7e6a
files src/java.base/share/classes/sun/security/ssl/ClientHello.java test/jdk/javax/net/ssl/interop/ClientHelloBufferUnderflowException.java
diffstat 2 files changed, 88 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/java.base/share/classes/sun/security/ssl/ClientHello.java	Tue Feb 12 13:36:15 2019 -0800
+++ b/src/java.base/share/classes/sun/security/ssl/ClientHello.java	Tue Feb 12 14:08:07 2019 -0800
@@ -803,8 +803,13 @@
                     shc.sslConfig.getEnabledExtensions(
                             SSLHandshake.CLIENT_HELLO);
 
-            ClientHelloMessage chm =
-                    new ClientHelloMessage(shc, message, enabledExtensions);
+            ClientHelloMessage chm;
+            try {
+                chm = new ClientHelloMessage(shc, message, enabledExtensions);
+            } catch (Exception e) {
+                throw shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
+                        "ClientHelloMessage failure", e);
+            }
             if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                 SSLLogger.fine("Consuming ClientHello handshake message", chm);
             }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/javax/net/ssl/interop/ClientHelloBufferUnderflowException.java	Tue Feb 12 14:08:07 2019 -0800
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+//
+// SunJSSE does not support dynamic system properties, no way to re-use
+// system properties in samevm/agentvm mode.
+//
+
+/*
+ * @test
+ * @bug 8215790
+ * @summary Verify exception
+ * @modules java.base/sun.security.util
+ * @run main/othervm ClientHelloBufferUnderflowException
+ */
+
+import sun.security.util.HexDumpEncoder;
+import javax.net.ssl.SSLHandshakeException;
+
+public class ClientHelloBufferUnderflowException extends ClientHelloInterOp {
+    /*
+     * Main entry point for this test.
+     */
+    public static void main(String args[]) throws Exception {
+        try {
+            (new ClientHelloBufferUnderflowException()).run();
+        } catch (SSLHandshakeException e) {
+            System.out.println("Correct exception thrown");
+        } catch (Exception e) {
+            System.out.println("Failed: Exception not SSLHandShakeException");
+            System.out.println(e.getMessage());
+            throw e;
+        }
+    }
+
+    @Override
+    protected byte[] createClientHelloMessage() {
+        // The ClientHello message in hex: 16 03 01 00 05 01 00 00 01 03
+        // Record Header:
+        // 16 - type is 0x16 (handshake record)
+        // 03 01 - protocol version is 3.1 (also known as TLS 1.0)
+        // 00 05 - 0x05 (5) bytes of handshake message follows
+        // Handshake Header:
+        // 01 - handshake message type 0x01 (client hello)
+        // 00 00 01 - 0x01 (1) bytes of client hello follows
+        // Client Version:
+        // 03 - incomplete client version
+        //
+        // (Based on https://tls.ulfheim.net)
+        byte[] bytes = {
+            0x16, 0x03, 0x01, 0x00, 0x05, 0x01, 0x00, 0x00, 0x01, 0x03};
+
+        System.out.println("The ClientHello message used");
+        try {
+            (new HexDumpEncoder()).encodeBuffer(bytes, System.out);
+        } catch (Exception e) {
+            // ignore
+        }
+        return bytes;
+    }
+}