< prev index next >
src/share/classes/sun/security/ssl/SSLEngineInputRecord.java
Print this page
rev 14411 : 8228757: Fail fast if the handshake type is unknown
Reviewed-by: jnimeh
@@ -285,12 +285,19 @@
handshakeBuffer.rewind();
break;
}
handshakeFrag.mark();
- // skip the first byte: handshake type
+
+ // Fail fast for unknown handshake message.
byte handshakeType = handshakeFrag.get();
+ if (!SSLHandshake.isKnown(handshakeType)) {
+ throw new SSLProtocolException(
+ "Unknown handshake type size, Handshake.msg_type = " +
+ (handshakeType & 0xFF));
+ }
+
int handshakeBodyLen = Record.getInt24(handshakeFrag);
if (handshakeBodyLen > SSLConfiguration.maxHandshakeMessageSize) {
throw new SSLProtocolException(
"The size of the handshake message ("
+ handshakeBodyLen
< prev index next >