From 908d60673d327011d6bf97c10cfa81aaa49150c1 Mon Sep 17 00:00:00 2001 From: Sergey Bylokhov Date: Fri, 5 Jan 2024 02:50:21 +0000 Subject: [PATCH] 8315042: NPE in PKCS7.parseOldSignedData Backport-of: 8c0d026d0f508e0c896fd28d725915c52d1b689d --- .../classes/sun/security/pkcs/PKCS7.java | 4 ++ .../x509/X509CRLImpl/UnexpectedNPE.java | 63 ++++++++----------- 2 files changed, 29 insertions(+), 38 deletions(-) diff --git a/src/java.base/share/classes/sun/security/pkcs/PKCS7.java b/src/java.base/share/classes/sun/security/pkcs/PKCS7.java index 603167e2279..dd0e6fd1272 100644 --- a/src/java.base/share/classes/sun/security/pkcs/PKCS7.java +++ b/src/java.base/share/classes/sun/security/pkcs/PKCS7.java @@ -166,6 +166,10 @@ private void parse(DerInputStream derin, boolean oldStyle) contentType = contentInfo.contentType; DerValue content = contentInfo.getContent(); + if (content == null) { + throw new ParsingException("content is null"); + } + if (contentType.equals(ContentInfo.SIGNED_DATA_OID)) { parseSignedData(content); } else if (contentType.equals(ContentInfo.OLD_SIGNED_DATA_OID)) { diff --git a/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java b/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java index 8c14c48ee28..fb85353ee3f 100644 --- a/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java +++ b/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,56 +23,43 @@ /* * @test - * @bug 5052433 - * @summary NullPointerException for generateCRL and generateCRLs methods. + * @bug 5052433 8315042 + * @summary Verify that generateCRL and generateCRLs methods do not throw + * NullPointerException. They should throw CRLException instead. + * @library /test/lib */ import java.security.NoSuchProviderException; import java.security.cert.*; import java.io.ByteArrayInputStream; +import java.util.Base64; -public class UnexpectedNPE { - CertificateFactory cf = null ; +import jdk.test.lib.Utils; - public UnexpectedNPE() {} +public class UnexpectedNPE { + static CertificateFactory cf = null; - public static void main( String[] av ) { + public static void main(String[] av ) throws CertificateException, + NoSuchProviderException { byte[] encoded_1 = { 0x00, 0x00, 0x00, 0x00 }; byte[] encoded_2 = { 0x30, 0x01, 0x00, 0x00 }; byte[] encoded_3 = { 0x30, 0x01, 0x00 }; + byte[] encoded_4 = Base64.getDecoder().decode( + "MAsGCSqGSMP7TQEHAjI1Bgn///////8wCwUyAQ=="); - UnexpectedNPE unpe = new UnexpectedNPE() ; - - if(!unpe.run(encoded_1)) { - throw new SecurityException("CRLException has not been thrown"); - } + cf = CertificateFactory.getInstance("X.509", "SUN"); - if(!unpe.run(encoded_2)) { - throw new SecurityException("CRLException has not been thrown"); - } - - if(!unpe.run(encoded_2)) { - throw new SecurityException("CRLException has not been thrown"); - } + run(encoded_1); + run(encoded_2); + run(encoded_3); + run(encoded_4); } - private boolean run(byte[] buf) { - if (cf == null) { - try { - cf = CertificateFactory.getInstance("X.509", "SUN"); - } catch (CertificateException e) { - throw new SecurityException("Cannot get CertificateFactory"); - } catch (NoSuchProviderException npe) { - throw new SecurityException("Cannot get CertificateFactory"); - } - } - try { - cf.generateCRL(new ByteArrayInputStream(buf)); - } catch (CRLException ce) { - System.out.println("NPE checking passed"); - return true; - } - - System.out.println("CRLException has not been thrown"); - return false; + private static void run(byte[] buf) { + Utils.runAndCheckException( + () -> cf.generateCRL(new ByteArrayInputStream(buf)), + CRLException.class); + Utils.runAndCheckException( + () -> cf.generateCRLs(new ByteArrayInputStream(buf)), + CRLException.class); } }