Posted to dev@hc.apache.org by "Jason Mathison (Jira)" <ji...@apache.org> on 2021/11/04 03:09:00 UTC
[jira] [Created] (HTTPCORE-694) Endless loop when encrypted buffer larger than plaintext buffer
Jason Mathison created HTTPCORE-694:
---------------------------------------
Summary: Endless loop when encrypted buffer larger than plaintext buffer
Key: HTTPCORE-694
URL: https://issues.apache.org/jira/browse/HTTPCORE-694
Project: HttpComponents HttpCore
Issue Type: Bug
Components: HttpCore
Affects Versions: 5.2-alpha1, 5.1.2
Reporter: Jason Mathison
We are having an issue where SSLIOSession::decryptData will effectively become an endless loop when the size of the inEncryptedBuf buffer is larger than the size of the inPlainBuf.
In this scenario the doUnwrap completely fills up the inPlainBuf. This causes the
if (inPlainBuf.hasRemaining())
to return false and never clear anything out of the inPlainBuf buffer.
From what we can tell the
if (inPlainBuf.hasRemaining()) {
This issue shows up when we use BouncyCastle for FIPS validated TLS, along with an intentionally large response.
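The stall described in the report can be reproduced with plain java.nio.ByteBuffer semantics. The following is an added illustration, not HttpCore's code and not part of the original message: unwrap, drain, decrypt and MAX_PASSES are hypothetical names, the unwrap step is a plain byte copy standing in for TLS decryption, and the position-based guard is an assumption shown for contrast, not the project's fix.

```java
import java.nio.ByteBuffer;

public class PlainBufferStallDemo {
    static final int MAX_PASSES = 1_000; // demo-only guard so the stalled case terminates

    // Stand-in for the unwrap step: copies as many bytes as fit into the plaintext buffer.
    static int unwrap(ByteBuffer encrypted, ByteBuffer plain) {
        int n = Math.min(encrypted.remaining(), plain.remaining());
        for (int i = 0; i < n; i++) {
            plain.put(encrypted.get());
        }
        return n;
    }

    // Hands the buffered plaintext to the consumer (elided) and empties the buffer.
    static int drain(ByteBuffer plain) {
        plain.flip();
        int n = plain.remaining();
        plain.clear();
        return n;
    }

    // Returns the number of bytes delivered, or -1 if the loop stops making progress.
    static int decrypt(int encryptedSize, int plainSize, boolean guardOnPosition) {
        ByteBuffer encrypted = ByteBuffer.allocate(encryptedSize); // constructed input, all zeros
        ByteBuffer plain = ByteBuffer.allocate(plainSize);
        int delivered = 0;
        for (int pass = 0; pass < MAX_PASSES; pass++) {
            if (!encrypted.hasRemaining() && plain.position() == 0) {
                return delivered; // everything unwrapped and handed over
            }
            unwrap(encrypted, plain);
            // In write mode hasRemaining() means "free space left", so it is false
            // exactly when the buffer is full of undelivered plaintext.
            boolean hasData = guardOnPosition ? plain.position() > 0 : plain.hasRemaining();
            if (hasData) {
                delivered += drain(plain);
            }
        }
        return -1; // no progress: plaintext buffer is full and never drained
    }

    public static void main(String[] args) {
        System.out.println("hasRemaining guard, 8 -> 16:  " + decrypt(8, 16, false));
        System.out.println("hasRemaining guard, 32 -> 16: " + decrypt(32, 16, false));
        System.out.println("position guard, 32 -> 16:     " + decrypt(32, 16, true));
    }
}
```

In this model the hasRemaining() guard only works while the plaintext buffer is left partly empty; once a single unwrap fills it, every later pass moves zero bytes and the loop spins until the demo guard trips.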