< prev index next >

src/share/classes/sun/security/ssl/SSLSocketInputRecord.java

Print this page
rev 14411 : 8228757: Fail fast if the handshake type is unknown
Reviewed-by: jnimeh

*** 300,311 **** handshakeBuffer.rewind(); break; } handshakeFrag.mark(); ! // skip the first byte: handshake type byte handshakeType = handshakeFrag.get(); int handshakeBodyLen = Record.getInt24(handshakeFrag); if (handshakeBodyLen > SSLConfiguration.maxHandshakeMessageSize) { throw new SSLProtocolException( "The size of the handshake message (" + handshakeBodyLen --- 300,318 ---- handshakeBuffer.rewind(); break; } handshakeFrag.mark(); ! ! // Fail fast for unknown handshake message. byte handshakeType = handshakeFrag.get(); + if (!SSLHandshake.isKnown(handshakeType)) { + throw new SSLProtocolException( + "Unknown handshake type size, Handshake.msg_type = " + + (handshakeType & 0xFF)); + } + int handshakeBodyLen = Record.getInt24(handshakeFrag); if (handshakeBodyLen > SSLConfiguration.maxHandshakeMessageSize) { throw new SSLProtocolException( "The size of the handshake message (" + handshakeBodyLen
< prev index next >