Hi Valerie or Vinnie
Please take a review on this fix
http://cr.openjdk.java.net/~weijun/8012082/webrev.00/
Bug is
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8012082
The problem is that a single MessageProp is used in all wrap and unwrap
calls and the output value is not checked.
After the output check, it looks like it's OK to share the MessageProp
object (because once it's changed, an exception is thrown), but I create
one for each wrap/unwrap to be safe and clean, and I don't know if there
are applications trying to "recover" from an exception.
This is not a security issue, it's after the peer establishing the
security context, therefore already authenticated.
Thanks
Max
