United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: JDK-6853793 OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check
JDK-6853793 : OutOfMemoryError in sun.security.provider.certpath.OCSPChecker.check

Details
Type:
Bug
Submit Date:
2009-06-23
Status:
Resolved
Updated Date:
2010-09-29
Project Name:
JDK
Resolved Date:
2009-07-17
Component:
security-libs
OS:
windows_xp
Sub-Component:
java.security
CPU:
x86
Priority:
P3
Resolution:
Fixed
Affected Versions:
6u10
Fixed Versions:

Related Reports
Backport:

Sub Tasks

Description
FULL PRODUCT VERSION :
java version "1.6.0_14"
Java(TM) SE Runtime Environment (build 1.6.0_14-b08)
Java HotSpot(TM) Client VM (build 14.0-b16, mixed mode, sharing)


ADDITIONAL OS VERSION INFORMATION :
WindowXP

EXTRA RELEVANT SYSTEM CONFIGURATION :
Behind a firewall and using a corporate proxy server.

A DESCRIPTION OF THE PROBLEM :
Accessing any of the javax samples (and other websites, e.g. WorldWind examples) always gives me an OutOfMemoryError (see expected results).

I believe the problem is related to an incorrect handling of HTTP responses, which do NOT include the content-length header field, in sun.security.provider.certpath.OCSPChecker.check().

Grabbing the source code from openjdk7 for OCSPChecker.check(), I came across the follow code (around line 353):

           int contentLength = con.getContentLength();
            if (contentLength == -1) {
                contentLength = Integer.MAX_VALUE;
            }

            byte[] response = new byte[contentLength];


This would explain the out of memory exception, which CONSISTENTLY occurs in the check function.
 
However, I cannot say that this is definitely what is causing the problem, but I'm not really sure how to work around the issue. Webstart works fine with local files, etc.



STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
One way to do this, if you're behind a firewall with an appropriate proxy-server, etc:

javaws http://javafx.com/samples/Sudoku/webstart/Sudoku.jnlp




ERROR MESSAGES/STACK TRACES THAT OCCUR :
Validating http://javafx.com/samples/Carousel/webstart/Carousel.jar , version null...
Reading certificates from 341411 http://dl.javafx.com/javafx-rt-windows-i586__V1.2.0_b233.jar | C:\Documents and Settings\64537\Application Data\Sun\Java\Deployment\cache\6.0\44\50f3f12c-2e251feb.idx
Reading certificates from 10233 http://dl.javafx.com/javafx-rt-natives-windows-i586__V1.2.0_b233.jar | C:\Documents and Settings\64537\Application Data\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-29cf7e69.idx

exception: Java heap space.
java.lang.OutOfMemoryError: Java heap space
	at sun.security.provider.certpath.OCSPChecker.check(Unknown Source)
	at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown Source)
	at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown Source)
	at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(Unknown Source)
	at java.security.cert.CertPathValidator.validate(Unknown Source)
	at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
	at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
	at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
	at sun.security.validator.Validator.validate(Unknown Source)
	at sun.security.validator.Validator.validate(Unknown Source)
	at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
	at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
	at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(Unknown Source)
	at com.sun.javaws.LaunchDownload.checkSignedResources(Unknown Source)
	at sun.plugin2.applet.JNLP2Manager.prepareLaunchFile(Unknown Source)
	at sun.plugin2.applet.JNLP2Manager.loadJarFiles(Unknown Source)
	at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
	at java.lang.Thread.run(Unknown Source)
Exception: java.lang.OutOfMemoryError: Java heap space



REPRODUCIBILITY :
This bug can be reproduced always.

                                    

Comments
EVALUATION

allocate memory dynamically if no HTTP content-length specified.
                                     
2009-07-03



Hardware and Software, Engineered to Work Together