Bug ID: JDK-7106277 Brokenness in the seqNumberOverflow of MAC

Details
Type: Bug
Submit Date: 2011-10-29
Status: Resolved
Updated Date: 2012-05-05
Project Name: JDK
Resolved Date: 2011-11-16
Component: security-libs
OS: generic,windows_xp
Sub-Component: javax.net.ssl
CPU: x86,generic
Priority: P3
Resolution: Fixed
Affected Versions: 7
Fixed Versions:

Description
What's wrong with this code in MAC.java?
    final boolean seqNumOverflow() {
        /*
         * Conservatively, we don't allow more records to be generated
         * when there are only 2^8 sequence numbers left.
         */
        return (block != null && mac != null &&
                block[0] == 0xFF && block[1] == 0xFF &&
                block[2] == 0xFF && block[3] == 0xFF &&
                block[4] == 0xFF && block[5] == 0xFF &&
                block[6] == 0xFF);
    }

If it's not obvious to you, then run the following:

public class Main {
    public static void main(String[] args) throws Exception {
        byte [] ba = new byte[] { -1 };
        System.out.println((ba[0] == (byte) 0xFF ? "true" : "false"));
        System.out.println((ba[0] ==        0xFF ? "true" : "false"));
    }
}

In the first println, both of these are bytes, and they are compared. In the second, 0xFF is an int, so ba[0] is widened to -1 (0xffffffff), and thus 0xff == 0xffffffff is false.

                                    

Comments
EVALUATION

Correct the conversion.
2011-10-31
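
An added example (not from the bug report or the JDK sources) that puts the reported check beside a masked comparison and drives an 8-byte big-endian sequence counter through its last 2^8 values, showing that the check as reported never fires and the counter wraps to zero. The class and method names, the mask-based correction and the starting counter value are assumptions for illustration; the change actually committed for this bug is not shown on this page.

```java
import java.util.Arrays;

public class SeqNumOverflowDemo {
    // Check as written in the report (mac test dropped: no Mac object here).
    // 0xFF is the int 255; a promoted byte lies in -128..127, so never equal.
    static boolean overflowAsReported(byte[] block) {
        return (block != null &&
                block[0] == 0xFF && block[1] == 0xFF &&
                block[2] == 0xFF && block[3] == 0xFF &&
                block[4] == 0xFF && block[5] == 0xFF &&
                block[6] == 0xFF);
    }

    // Assumed correction: mask each byte to its unsigned value before comparing.
    static boolean overflowMasked(byte[] block) {
        if (block == null || block.length < 8) return false;
        for (int i = 0; i < 7; i++) {
            if ((block[i] & 0xFF) != 0xFF) return false;
        }
        return true;
    }

    // Big-endian increment of the 8-byte counter, carrying into higher bytes.
    static void increment(byte[] block) {
        for (int i = 7; i >= 0 && ++block[i] == 0; i--) { }
    }

    public static void main(String[] args) {
        // Constructed sample: counter starts at 0xFFFFFFFFFFFFFEFE.
        byte[] seq = new byte[8];
        Arrays.fill(seq, (byte) 0xFF);
        seq[6] = (byte) 0xFE;
        seq[7] = (byte) 0xFE;
        boolean reportedFired = false;
        for (int record = 1; record <= 300; record++) {
            increment(seq);
            reportedFired |= overflowAsReported(seq);
            if (overflowMasked(seq) && seq[7] == 0) {
                System.out.println("record " + record + ": masked check fires");
            }
            if (Arrays.equals(seq, new byte[8])) {
                System.out.println("record " + record + ": counter wrapped to zero");
                break;
            }
        }
        System.out.println("check as reported ever fired: " + reportedFired);
    }
}
```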


