JDK-7166661 : Improper compare of sequence number in sun.security.ssl.MAC class
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 7
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • OS: windows_xp
  • CPU: x86
  • Submitted: 2012-05-04
  • Updated: 2012-05-05
  • Resolved: 2012-05-05
Related Reports
Duplicate :  
Description
FULL PRODUCT VERSION :
java version "1.7.0_02"
Java(TM) SE Runtime Environment (build 1.7.0_02-b13)
Java HotSpot(TM) Client VM (build 22.0-b10, mixed mode)

A DESCRIPTION OF THE PROBLEM :
The sequence number (a signed byte array) is directly compared to the 0xFF value, which is out of the signed byte interval.

This problem causes the "seqNumOverflow" and "seqNumIsHuge" functions of the MAC class to never return true, so a re-handshake is never triggered.

REGRESSION.  Last worked in version 7


REPRODUCIBILITY :
This bug can be reproduced always.
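
The comparison described above, shown as an added example (not the JDK source and not code from the report): a stand-alone Java class that checks a constructed 8-byte sequence counter with a direct comparison against 0xFF and with a masked comparison. The class and method names, and the number of leading bytes each check inspects, are assumptions made for illustration.

```java
import java.util.Arrays;

// Added illustration; this is not the sun.security.ssl.MAC source.
public class SeqNumCompareDemo {

    // Direct comparison: seq[i] is promoted to an int in -128..127,
    // so it can never equal the int literal 0xFF (255).
    static boolean leadingBytesAllOnesDirect(byte[] seq, int count) {
        for (int i = 0; i < count; i++) {
            if (seq[i] != 0xFF) {
                return false;
            }
        }
        return true;
    }

    // Masked comparison: "& 0xFF" discards the sign extension, giving the
    // unsigned value 0..255. Comparing against (byte) 0xFF also works.
    static boolean leadingBytesAllOnesMasked(byte[] seq, int count) {
        for (int i = 0; i < count; i++) {
            if ((seq[i] & 0xFF) != 0xFF) {
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample: a big-endian 64-bit counter close to wrapping.
        byte[] seq = new byte[8];
        Arrays.fill(seq, (byte) 0xFF);
        seq[7] = (byte) 0xFE;

        // Assumed thresholds: "huge" inspects the first 2 bytes,
        // "overflow" inspects the first 7 bytes.
        int hugeBytes = 2;
        int overflowBytes = 7;

        System.out.println("direct huge:     " + leadingBytesAllOnesDirect(seq, hugeBytes));
        System.out.println("direct overflow: " + leadingBytesAllOnesDirect(seq, overflowBytes));
        System.out.println("masked huge:     " + leadingBytesAllOnesMasked(seq, hugeBytes));
        System.out.println("masked overflow: " + leadingBytesAllOnesMasked(seq, overflowBytes));
    }
}
```

With the direct comparison both checks report false even though every inspected byte is 0xFF, which is the condition under which a near-exhausted sequence number would go unnoticed.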

Comments
EVALUATION Fixed in 7u4. http://hg.openjdk.java.net/jdk7u/jdk7u4/jdk/log?rev=7106277
05-05-2012