JDK-4925226 : Cipher.update(ByteBuffer,ByteBuffer): in and out objects must not be the same
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version: 5.0
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2003-09-19
  • Updated: 2017-05-16
  • Resolved: 2003-12-04
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availabitlity Release.

To download the current JDK release, click here.
5.0 b31Fixed
The spec for the new Cipher.update(ByteBuffer,ByteBuffer) and Cipher.doFinal(ByteBuffer,ByteBuffer) does not say what happens if the input and output ByteBuffer are the same object (as opposed two different objects referring to the same piece of memory).

The spec should be updated to state that this is not allowed and a IllegalArgumentException is thrown. If an application wants to do in-place encryption, it should use different ByteBuffer objects referring to that piece of memory (the output buffer could be obtained using byteBuffer.duplicate()).

CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: tiger-beta tiger-beta2 FIXED IN: tiger-beta tiger-beta2 INTEGRATED IN: tiger-b31 tiger-b36 tiger-beta tiger-beta2

EVALUATION Will file CCC. ###@###.### 2003-09-19