changeset 3039:bdc6a3dc3e57

6958060: Malformed AP-REQ crashes acceptor side Reviewed-by: valeriep, xuelei
author weijun
date Thu, 17 Jun 2010 12:59:21 +0800
parents 2bad540d9b5b
children b9d3a1a8b682
files src/share/classes/sun/security/jgss/krb5/InitialToken.java
diffstat 1 files changed, 6 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/jgss/krb5/InitialToken.java	Thu Jun 17 12:59:14 2010 +0800
+++ b/src/share/classes/sun/security/jgss/krb5/InitialToken.java	Thu Jun 17 12:59:21 2010 +0800
@@ -35,7 +35,6 @@
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
 import sun.security.krb5.*;
-import sun.security.jgss.HttpCaller;
 import sun.security.krb5.internal.Krb5;
 
 abstract class InitialToken extends Krb5Token {
@@ -217,6 +216,12 @@
 
             int pos = 0;
 
+            if (checksum == null) {
+                GSSException ge = new GSSException(GSSException.FAILURE, -1,
+                        "No cksum in AP_REQ's authenticator");
+                ge.initCause(new KrbException(Krb5.KRB_AP_ERR_INAPP_CKSUM));
+                throw ge;
+            }
             checksumBytes = checksum.getBytes();
 
             if ((checksumBytes[0] != CHECKSUM_FIRST_BYTES[0]) ||