JDK-7106277 : Brokenness in the seqNumberOverflow of MAC
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 7
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • OS: generic,windows_xp
  • CPU: generic,x86
  • Submitted: 2011-10-29
  • Updated: 2013-08-20
  • Resolved: 2011-11-16
Fixed in:
  • JDK 7: 7u4 (Fixed)
  • JDK 8: 8 b14 (Fixed)
Related Reports
Duplicate :  
Description
What's wrong with this code in MAC.java?
    final boolean seqNumOverflow() {
        /*
         * Conservatively, we don't allow more records to be generated
         * when there are only 2^8 sequence numbers left.
         */
        return (block != null && mac != null &&
                block[0] == 0xFF && block[1] == 0xFF &&
                block[2] == 0xFF && block[3] == 0xFF &&
                block[4] == 0xFF && block[5] == 0xFF &&
                block[6] == 0xFF);
    }

If it's not obvious to you, then run the following:

public class Main {
    public static void main(String[] args) throws Exception {
        byte [] ba = new byte[] { -1 };
        System.out.println((ba[0] == (byte) 0xFF ? "true" : "false"));
        System.out.println((ba[0] ==        0xFF ? "true" : "false"));
    }
}

In the first println, both of these are bytes, and they are compared. In the second, 0xFF is an int, so ba[0] is widened to -1 (0xffffffff), and thus 0xff == 0xffffffff is false.
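The effect on the overflow guard itself, as an added example that is not part of the original report and not the JDK's own fix: the same seven-byte comparison is run with and without masking over a constructed sequence-number block. The class name, the helper names, the 8-byte block layout and the `& 0xFF` correction are assumptions made for illustration.

```java
import java.util.Arrays;

public class SeqNumOverflowDemo {

    // Comparison as written in the report: each byte is sign-extended to int,
    // so a byte holding 0xFF becomes -1 and never equals the int literal 255.
    static boolean overflowAsReported(byte[] block) {
        for (int i = 0; i < 7; i++) {
            if (block[i] != 0xFF) {
                return false;
            }
        }
        return true;
    }

    // One way to correct the conversion (assumed, not taken from the JDK change):
    // mask each byte to its unsigned value before comparing.
    static boolean overflowMasked(byte[] block) {
        for (int i = 0; i < 7; i++) {
            if ((block[i] & 0xFF) != 0xFF) {
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample: 8-byte counter with the top seven bytes saturated,
        // i.e. only 2^8 sequence numbers left.
        byte[] nearlyExhausted = new byte[8];
        Arrays.fill(nearlyExhausted, 0, 7, (byte) 0xFF);

        // Constructed sample: a fresh counter, all zero.
        byte[] fresh = new byte[8];

        System.out.println("as reported, nearly exhausted: " + overflowAsReported(nearlyExhausted));
        System.out.println("masked,      nearly exhausted: " + overflowMasked(nearlyExhausted));
        System.out.println("as reported, fresh:            " + overflowAsReported(fresh));
        System.out.println("masked,      fresh:            " + overflowMasked(fresh));
    }
}
```

With the comparison as reported, the guard returns false for every possible block, so the "stop before the counter runs out" condition can never trigger; the masked form returns true only for the saturated block.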

Comments
EVALUATION correct the conversion.
31-10-2011