You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Chris Harris <ch...@thunderhead.com> on 2007/01/24 13:46:23 UTC
BufferOverflowException when encrypting large documents
Hi all,
We have a requirement to encrypt large xml documents and our
experiencing the following error:
Caused by: java.nio.BufferOverflowException
at
java.nio.charset.CoderResult.throwException(CoderResult.java:259)
at
java.lang.StringCoding$CharsetSE.encode(StringCoding.java:340)
at java.lang.StringCoding.encode(StringCoding.java:374)
at java.lang.StringCoding.encode(StringCoding.java:380)
at java.lang.String.getBytes(String.java:590)
at
org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Source)
at
org.apache.xml.security.encryption.XMLCipher.encryptElementContent(Unkno
wn Source)
at
org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source)
at
org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.ja
va:455)
After doing some research, I discovered that this is actually being
caused by a bug in the JVM:
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4949631
The sun bug log contains a number of workarounds however to get around
this issue the XMLCipher class would need to change the String before it
calls getBytes. I have attached a patch version of XMLCipher along with
a String utility class.
Is there any chance of getting this into the next release of the
security library?
Regards,
Chris.
Re: BufferOverflowException when encrypting large documents
Posted by Sean Mullan <Se...@Sun.COM>.
Chris Harris wrote:
> Hi all,
>
>
>
> We have a requirement to encrypt large xml documents and our
> experiencing the following error:
>
>
>
> Caused by: java.nio.BufferOverflowException
>
> at
> java.nio.charset.CoderResult.throwException(CoderResult.java:259)
>
> at
> java.lang.StringCoding$CharsetSE.encode(StringCoding.java:340)
>
> at java.lang.StringCoding.encode(StringCoding.java:374)
>
> at java.lang.StringCoding.encode(StringCoding.java:380)
>
> at java.lang.String.getBytes(String.java:590)
>
> at
> org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Source)
>
> at
> org.apache.xml.security.encryption.XMLCipher.encryptElementContent(Unknown
> Source)
>
> at
> org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source)
>
> at
> org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:455)
>
>
>
>
>
> After doing some research, I discovered that this is actually being
> caused by a bug in the JVM:
>
>
>
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4949631
>
>
>
> The sun bug log contains a number of workarounds however to get around
> this issue the XMLCipher class would need to change the String before it
> calls getBytes. I have attached a patch version of XMLCipher along with
> a String utility class.
>
>
>
> Is there any chance of getting this into the next release of the
> security library?
Yes, I don't think it should be a problem. Do you mind opening a bug
(and attach your patch) so we can track this at:
http://issues.apache.org/bugzilla/
And thanks for the patch!
--Sean