1 Star 0 Fork 82

Daddy_Zhang/openjdk-1.8.0

加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
8151788.patch 3.75 KB
一键复制 编辑 原始数据 按行查看 历史
jdkboy 提交于 2020-03-21 11:30 . delete redundant info
From bf24abe7a9499638a43dfd03fecfbfb763430a63 Mon Sep 17 00:00:00 2001
Date: Thu, 27 Jun 2019 11:24:39 +0000
Subject: [PATCH] Backport of JDK-8151788
summary: NullPointerException from ntlm.Client.type3
LLT:
Bug url: https://bugs.openjdk.java.net/browse/JDK-8151788
---
.../classes/com/sun/security/ntlm/NTLM.java | 2 +-
.../www/protocol/http/NULLTargetInfoTest.java | 58 +++++++++++++++++++
2 files changed, 59 insertions(+), 1 deletion(-)
create mode 100644 jdk/test/sun/net/www/protocol/http/NULLTargetInfoTest.java
diff --git a/jdk/src/share/classes/com/sun/security/ntlm/NTLM.java b/jdk/src/share/classes/com/sun/security/ntlm/NTLM.java
index da18e2199a..249cd226c4 100644
--- a/jdk/src/share/classes/com/sun/security/ntlm/NTLM.java
+++ b/jdk/src/share/classes/com/sun/security/ntlm/NTLM.java
@@ -167,7 +167,7 @@ class NTLM {
byte[] readSecurityBuffer(int offset) throws NTLMException {
int pos = readInt(offset+4);
- if (pos == 0) return null;
+ if (pos == 0) return new byte[0];
try {
return Arrays.copyOfRange(
internal, pos, pos + readShort(offset));
diff --git a/jdk/test/sun/net/www/protocol/http/NULLTargetInfoTest.java b/jdk/test/sun/net/www/protocol/http/NULLTargetInfoTest.java
new file mode 100644
index 0000000000..d8e88554f8
--- /dev/null
+++ b/jdk/test/sun/net/www/protocol/http/NULLTargetInfoTest.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8151788
+ * @summary NullPointerException from ntlm.Client.type3
+ * @modules java.base/com.sun.security.ntlm
+ * @run main NULLTargetInfoTest
+ */
+import com.sun.security.ntlm.Client;
+
+public class NULLTargetInfoTest {
+
+ public static void main(String[] args) throws Exception {
+ Client c = new Client(null, "host", "user", "domain", "pass".toCharArray());
+ c.type1();
+ // this input does have the 0x800000 bit(NTLMSSP_NEGOTIATE_TARGET_INFO) set
+ // but after offset 40 all eight bytes are all zero which means there is no
+ // security buffer for target info.
+ byte[] type2 = hex(
+ "4E 54 4C 4D 53 53 50 00 02 00 00 00 00 00 00 00"
+ + "00 00 00 00 05 82 89 00 0B 87 81 B6 2D 6E 8B C1"
+ + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
+ byte[] nonce = new byte[10];
+ c.type3(type2, nonce);
+ }
+
+ private static byte[] hex(String str) {
+ str = str.replaceAll("\\s", "");
+ byte[] response = new byte[str.length() / 2];
+ int index = 0;
+ for (int i = 0; i < str.length(); i += 2) {
+ response[index++] = Integer.valueOf(str.substring(i, i + 2), 16).byteValue();
+ }
+ return response;
+ }
+}
--
2.19.0-rc1
Loading...
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/daddy_zhang/openjdk-1.8.0.git
[email protected]:daddy_zhang/openjdk-1.8.0.git
daddy_zhang
openjdk-1.8.0
openjdk-1.8.0
master

搜索帮助