Martin Choma created ELY-1049:
---------------------------------
Summary: Coverity, division by zero in KeyStoreCredentialStore (Elytron)
Key: ELY-1049
URL: https://issues.jboss.org/browse/ELY-1049
Project: WildFly Elytron
Issue Type: Bug
Reporter: Martin Choma
Assignee: Darran Lofthouse
Priority: Critical
Coverity found a possible division by zero in the code.
https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=12563...
{code:java|title=KeyStoreCredentialStore.java}
private byte[] pkcs7Pad(byte[] buffer, int blockSize) {
    int len = buffer.length;
    int toFill = blockSize - (len % blockSize);
    byte[] padded = Arrays.copyOf(buffer, toFill + len);
    Arrays.fill(padded, len, padded.length, (byte) toFill);
    return padded;
}
{code}
blockSize could be 0, as {{encrypt.getBlockSize()}} returns 0 if the algorithm used is not
block-based. Although the default cryptographic algorithm is block-based
({{DEFAULT_CRYPTOGRAPHIC_ALGORITHM = "AES/CBC/NoPadding"}}), this is configurable
with the {{cryptoAlg}} option, and thus a non-block-based algorithm can be configured.
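The condition described in the report, shown as an added example that is not part of the original message or of the Elytron code base: a stream cipher reports a block size of 0, and a guarded padding routine rejects it instead of failing with an `ArithmeticException`. The class name `PadGuardDemo`, the method `pkcs7PadChecked`, the choice of `ARCFOUR` as the non-block-based algorithm and the sample input are assumptions made for illustration; the guard is one possible fix, not necessarily the one the project adopted.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import javax.crypto.Cipher;

public class PadGuardDemo {

    // Hypothetical hardened variant of pkcs7Pad from the report: validates
    // the block size before it is used as a divisor.
    static byte[] pkcs7PadChecked(byte[] buffer, int blockSize) {
        // PKCS#7 stores the pad length in a single byte, so only block
        // sizes 1..255 are usable; 0 means the cipher is not block-based.
        if (blockSize < 1 || blockSize > 255) {
            throw new IllegalArgumentException(
                "Algorithm is not block-based or block size is unsupported: " + blockSize);
        }
        int len = buffer.length;
        int toFill = blockSize - (len % blockSize);
        byte[] padded = Arrays.copyOf(buffer, len + toFill);
        Arrays.fill(padded, len, padded.length, (byte) toFill);
        return padded;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed sample input.
        byte[] secret = "constructed sample".getBytes(StandardCharsets.UTF_8);

        // The default algorithm named in the report is a block cipher.
        Cipher aes = Cipher.getInstance("AES/CBC/NoPadding");
        byte[] padded = pkcs7PadChecked(secret, aes.getBlockSize());
        System.out.println("AES block size " + aes.getBlockSize()
            + ", padded length " + padded.length);

        // A stream cipher (assumed here as what cryptoAlg might be set to)
        // reports no block size, which is the zero divisor Coverity flagged.
        Cipher stream = Cipher.getInstance("ARCFOUR");
        System.out.println("ARCFOUR block size " + stream.getBlockSize());
        try {
            pkcs7PadChecked(secret, stream.getBlockSize());
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```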