DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=41494>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41494 Summary: BufferOverflowException when encrypting large documents Product: Security Version: unspecified Platform: All URL: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=49496 31 OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Encryption AssignedTo: security-dev@xml.apache.org ReportedBy: [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 24 January 2007 14:54 To: security-dev@xml.apache.org Subject: Re: BufferOverflowException when encrypting large documents Chris Harris wrote: > Hi all, > > > > We have a requirement to encrypt large xml documents and our > experiencing the following error: > > > > Caused by: java.nio.BufferOverflowException > > at > java.nio.charset.CoderResult.throwException(CoderResult.java:259) > > at > java.lang.StringCoding$CharsetSE.encode(StringCoding.java:340) > > at java.lang.StringCoding.encode(StringCoding.java:374) > > at java.lang.StringCoding.encode(StringCoding.java:380) > > at java.lang.String.getBytes(String.java:590) > > at > org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown > Source) > > at > org.apache.xml.security.encryption.XMLCipher.encryptElementContent(Unk > nown > Source) > > at > org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source) > > at > org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt. > java:455) > > > > > > After doing some research, I discovered that this is actually being > caused by a bug in the JVM: > > > > http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4949631 > > > > The sun bug log contains a number of workarounds however to get around > this issue the XMLCipher class would need to change the String before > it calls getBytes. I have attached a patch version of XMLCipher along > with a String utility class. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
