< prev index next >
src/share/classes/sun/security/ssl/SSLSocketInputRecord.java
Print this page
rev 14411 : 8228757: Fail fast if the handshake type is unknown
Reviewed-by: jnimeh
*** 300,311 ****
handshakeBuffer.rewind();
break;
}
handshakeFrag.mark();
! // skip the first byte: handshake type
byte handshakeType = handshakeFrag.get();
int handshakeBodyLen = Record.getInt24(handshakeFrag);
if (handshakeBodyLen > SSLConfiguration.maxHandshakeMessageSize) {
throw new SSLProtocolException(
"The size of the handshake message ("
+ handshakeBodyLen
--- 300,318 ----
handshakeBuffer.rewind();
break;
}
handshakeFrag.mark();
!
! // Fail fast for unknown handshake message.
byte handshakeType = handshakeFrag.get();
+ if (!SSLHandshake.isKnown(handshakeType)) {
+ throw new SSLProtocolException(
+ "Unknown handshake type size, Handshake.msg_type = " +
+ (handshakeType & 0xFF));
+ }
+
int handshakeBodyLen = Record.getInt24(handshakeFrag);
if (handshakeBodyLen > SSLConfiguration.maxHandshakeMessageSize) {
throw new SSLProtocolException(
"The size of the handshake message ("
+ handshakeBodyLen
< prev index next >