On Mon, 17 May 2021 12:33:53 GMT, Fabian Meumertzheim <github.com+4312191+fm...@openjdk.org> wrote:
> `sun.security.util.DerIndefLenConverter#convertBytes` does not perform > sufficient checks after calling `#parseValue`, which can overflow `dataPos` > or make it exceed `dataSize`. This can lead to an > `ArrayIndexOutOfBoundsException`. > > The fix is to ensure `dataPos` is in the valid range `[0,dataSize]` after the > call to `parseValue`. This pull request has been closed without being integrated. ------------- PR: https://git.openjdk.java.net/jdk/pull/4058
