Merge

author: lana <none@none> 2010-06-07 17:08:26 -0700
committer: lana <none@none> 2010-06-07 17:08:26 -0700
commit: ccff0e0e43d4382df77e9e850249eb204496f411 (patch)
tree: 32acf0e07457aca44756ebb757d80c823f522a62 /src/share/classes/sun/security/provider/X509Factory.java
parent: d807b2caa7c62548b272e8a9a7cbc229f1c0b3d5 (diff)
parent: 9250509d4d1cf6646f820249b7884713609ac148 (diff)
1 files changed, 24 insertions, 0 deletions
diff --git a/src/share/classes/sun/security/provider/X509Factory.java b/src/share/classes/sun/security/provider/X509Factory.java
index 8dbe55d22..e785b655a 100644
--- a/src/share/classes/sun/security/provider/X509Factory.java
+++ b/src/share/classes/sun/security/provider/X509Factory.java
@@ -518,6 +518,7 @@ public class X509Factory extends CertificateFactorySpi {
 
             // Step 2: Read the rest of header, determine the line end
             int end;
+            StringBuffer header = new StringBuffer("-----");
             while (true) {
                 int next = is.read();
                 if (next == -1) {
@@ -540,6 +541,7 @@ public class X509Factory extends CertificateFactorySpi {
                     }
                     break;
                 }
+                header.append((char)next);
             }
 
             // Step 3: Read the data
@@ -559,6 +561,7 @@ public class X509Factory extends CertificateFactorySpi {
             }
 
             // Step 4: Consume the footer
+            StringBuffer footer = new StringBuffer("-");
             while (true) {
                 int next = is.read();
                 // Add next == '\n' for maximum safety, in case endline
@@ -566,13 +569,34 @@ public class X509Factory extends CertificateFactorySpi {
                 if (next == -1 || next == end || next == '\n') {
                     break;
                 }
+                if (next != '\r') footer.append((char)next);
             }
 
+            checkHeaderFooter(header.toString(), footer.toString());
+
             BASE64Decoder decoder = new BASE64Decoder();
             return decoder.decodeBuffer(new String(data, 0, pos));
         }
     }
 
+    private static void checkHeaderFooter(String header,
+            String footer) throws IOException {
+        if (header.length() < 16 || !header.startsWith("-----BEGIN ") ||
+                !header.endsWith("-----")) {
+            throw new IOException("Illegal header: " + header);
+        }
+        if (footer.length() < 14 || !footer.startsWith("-----END ") ||
+                !footer.endsWith("-----")) {
+            throw new IOException("Illegal footer: " + footer);
+        }
+        String headerType = header.substring(11, header.length()-5);
+        String footerType = footer.substring(9, footer.length()-5);
+        if (!headerType.equals(footerType)) {
+            throw new IOException("Header and footer do not match: " +
+                    header + " " + footer);
+        }
+    }
+
     /**
      * Read one BER data block. This method is aware of indefinite-length BER
      * encoding and will read all of the sub-sections in a recursive way
author	lana <none@none>	2010-06-07 17:08:26 -0700
committer	lana <none@none>	2010-06-07 17:08:26 -0700
commit	ccff0e0e43d4382df77e9e850249eb204496f411 (patch)
tree	32acf0e07457aca44756ebb757d80c823f522a62 /src/share/classes/sun/security/provider/X509Factory.java
parent	d807b2caa7c62548b272e8a9a7cbc229f1c0b3d5 (diff)
parent	9250509d4d1cf6646f820249b7884713609ac148 (diff)