[
https://issues.apache.org/jira/browse/HTTPCORE-694?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jason Mathison updated HTTPCORE-694:
------------------------------------
Description:
We are having an issue where SSLIOSession::decryptData will effectively become
an endless loop when the size of the inEncryptedBuf buffer is larger than the
size of the inPlainBuf.
In this scenario the doUnwrap completely fills up the inPlainBuf. This causes
the
if (inPlainBuf.hasRemaining())
to return false and never clear anything out of the inPlainBuf buffer.
>From what we can tell the
if (inPlainBuf.hasRemaining()) {
should be removed, as it is in error. There is no reason that this buffer
being full should prevent it from being emptied.
We verified that removing this code from 5.1.2 resolved the issue we were
facing, along with all tests continuing to pass. There does not appear to be
any change to this code in 5.2 alpha.
This issue shows up when we use BouncyCastle for FIPS validated TLS, as it
creates a larger inEncryptedBuf then the SUN stack. This issue is completely
reproducible when we get a large response from our endpoint.
was:
We are having an issue where SSLIOSession::decryptData will effectively become
an endless loop when the size of the inEncryptedBuf buffer is larger than the
size of the inPlainBuf.
In this scenario the doUnwrap completely fills up the inPlainBuf. This causes
the
if (inPlainBuf.hasRemaining())
to return false and never clear anything out of the inPlainBuf buffer.
>From what we can tell the
if (inPlainBuf.hasRemaining()) {
This issue shows up when we use BouncyCastle for FIPS validated TLS, along with
an intentionally large response.
> Endless loop when encrypted buffer larger than plaintext buffer
> ---------------------------------------------------------------
>
> Key: HTTPCORE-694
> URL: https://issues.apache.org/jira/browse/HTTPCORE-694
> Project: HttpComponents HttpCore
> Issue Type: Bug
> Components: HttpCore
> Affects Versions: 5.1.2, 5.2-alpha1
> Reporter: Jason Mathison
> Priority: Major
>
> We are having an issue where SSLIOSession::decryptData will effectively
> become an endless loop when the size of the inEncryptedBuf buffer is larger
> than the size of the inPlainBuf.
> In this scenario the doUnwrap completely fills up the inPlainBuf. This
> causes the
> if (inPlainBuf.hasRemaining())
> to return false and never clear anything out of the inPlainBuf buffer.
> From what we can tell the
> if (inPlainBuf.hasRemaining()) {
> should be removed, as it is in error. There is no reason that this buffer
> being full should prevent it from being emptied.
> We verified that removing this code from 5.1.2 resolved the issue we were
> facing, along with all tests continuing to pass. There does not appear to be
> any change to this code in 5.2 alpha.
> This issue shows up when we use BouncyCastle for FIPS validated TLS, as it
> creates a larger inEncryptedBuf then the SUN stack. This issue is completely
> reproducible when we get a large response from our endpoint.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
