archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-26 22:34:27 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8280703: CipherCore.doFinal(...) causes potentially massive byte[] allocations during decryption

Browse source 
Reviewed-by: ascarpino
This commit is contained in:
Sebastian Stenzel 2022-01-28 16:42:42 +00:00 committed by Anthony Scarpino
parent cb8a82ee24
commit 409382ba4b
1 changed files with 8 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/java.base/share/classes/com/sun/crypto/provider/CipherCore.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2002, 2021, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -812,10 +812,13 @@ final class CipherCore {
if (outputCapacity < estOutSize) { if (outputCapacity < estOutSize) {
cipher.save(); cipher.save();
} }
// create temporary output buffer if the estimated size is larger if (outputCapacity < estOutSize || padding != null) {
// than the user-provided buffer. // create temporary output buffer if the estimated size is larger
internalOutput = new byte[estOutSize]; // than the user-provided buffer or a padding needs to be removed
offset = 0; // before copying the unpadded result to the output buffer
internalOutput = new byte[estOutSize];
offset = 0;
}
} }
byte[] outBuffer = (internalOutput != null) ? internalOutput : output; byte[] outBuffer = (internalOutput != null) ? internalOutput : output;