8213782: NullPointerException in sun.security.ssl.OutputRecord.changeWriteCiphers

Reviewed-by: ascarpino
2025-08-28 15:24:43 +02:00 · 2018-12-14 17:51:02 -08:00 · 2018-12-14 17:51:02 -08:00 · e44207a9f6
commit e44207a9f6
parent 516a3b3ec1
4 changed files with 140 additions and 29 deletions
--- a/src/java.base/share/classes/sun/security/ssl/KeyUpdate.java
+++ b/src/java.base/share/classes/sun/security/ssl/KeyUpdate.java
@ -223,6 +223,16 @@ final class KeyUpdate {
                        Authenticator.valueOf(hc.conContext.protocolVersion),
                        hc.conContext.protocolVersion, key, ivSpec,
                        hc.sslContext.getSecureRandom());
+
+                if (rc == null) {
+                    hc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
+                        "Illegal cipher suite (" + hc.negotiatedCipherSuite +
+                        ") and protocol version (" + hc.negotiatedProtocol +
+                        ")");
+
+                    return;
+                }
+
                rc.baseSecret = nplus1;
                hc.conContext.inputRecord.changeReadCiphers(rc);
                if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
@ -303,6 +313,14 @@ final class KeyUpdate {
                return null;
            }

+            if (wc == null) {
+                hc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
+                    "Illegal cipher suite (" + hc.negotiatedCipherSuite +
+                    ") and protocol version (" + hc.negotiatedProtocol + ")");
+
+                return null;
+            }
+
            // Output the handshake message and change the write cipher.
            //
            // The KeyUpdate handshake message SHALL be delivered in the