On Fri, 9 Apr 2021 05:55:40 GMT, Jamil Nimeh <jni...@openjdk.org> wrote:

>> Xue-Lei Andrew Fan has updated the pull request incrementally with one 
>> additional commit since the last revision:
>> 
>>   Change to use decode_error for incorrect extension length
>
> src/java.base/share/classes/sun/security/ssl/SSLExtensions.java line 68:
> 
>> 66:                     Alert.ILLEGAL_PARAMETER,
>> 67:                     "Insufficient extensions data");
>> 68:         }
> 
> For both of these blocks the checks themselves look OK, but illegal_parameter 
> I thought was more for cases where a field value is out of range or 
> inconsistent with already negotiated parameters.  I would think that 
> decode_error would be more appropriate to cases like this where the encoding 
> is structurally incorrect and the length doesn't match the actual data size.

Good catch!  Updated to use decode_error.

-------------

PR: https://git.openjdk.java.net/jdk/pull/3405
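
Added example (not part of the original thread and not JDK code): a minimal Java parser for a TLS extensions block that raises decode_error when a declared length does not match the data present, and illegal_parameter when a well-formed extension is not acceptable in the message, which is the distinction discussed above. The class, method and exception names and the `forbidden` set are hypothetical, and the byte arrays are constructed samples.

```java
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

// Added illustration; all names here are hypothetical, not JDK internals.
public class ExtensionBlockCheck {
    static class TlsAlert extends Exception {
        TlsAlert(String alert, String msg) { super(alert + ": " + msg); }
    }

    // Layout: uint16 total_len, then (uint16 type, uint16 len, opaque data[len])*.
    // 'forbidden' = recognized types not specified for this message (caller-supplied).
    static List<Integer> parse(ByteBuffer m, Set<Integer> forbidden) throws TlsAlert {
        if (m.remaining() < 2)
            throw new TlsAlert("decode_error", "missing extensions length");
        int total = m.getShort() & 0xFFFF;
        if (total > m.remaining())          // declared length exceeds the bytes present
            throw new TlsAlert("decode_error", "insufficient extensions data");
        ByteBuffer block = m.slice();       // view limited to the extensions block
        block.limit(total);
        m.position(m.position() + total);
        List<Integer> types = new ArrayList<>();
        while (block.hasRemaining()) {
            if (block.remaining() < 4)      // truncated type/length header
                throw new TlsAlert("decode_error", "truncated extension header");
            int type = block.getShort() & 0xFFFF;
            int len = block.getShort() & 0xFFFF;
            if (len > block.remaining())    // entry overruns the enclosing block
                throw new TlsAlert("decode_error", "extension " + type + " overruns block");
            block.position(block.position() + len);
            if (forbidden.contains(type))   // syntax is valid, content is not acceptable
                throw new TlsAlert("illegal_parameter", "extension " + type + " not allowed here");
            types.add(type);
        }
        return types;
    }

    static String check(byte[] raw) {
        try { return "ok " + parse(ByteBuffer.wrap(raw), Set.of(51)); }
        catch (TlsAlert a) { return a.getMessage(); }
    }

    public static void main(String[] args) {
        // Constructed sample inputs, one per outcome.
        System.out.println(check(new byte[] {0, 5, 0, 0, 0, 1, 7}));  // well-formed block
        System.out.println(check(new byte[] {0, 9, 0, 0, 0, 1, 7}));  // total length too large
        System.out.println(check(new byte[] {0, 5, 0, 0, 0, 4, 7}));  // entry length too large
        System.out.println(check(new byte[] {0, 4, 0, 51, 0, 0}));    // well-formed, forbidden type
    }
}
```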
