[jboss-cvs] JBossAS SVN: r110541 - projects/security/security-jboss-sx/branches/2.0.4.SP4_SECURITY-563/jbosssx/src/main/java/org/jboss/resource/security.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Feb 4 10:59:11 EST 2011
Author: raggz
Date: 2011-02-04 10:59:11 -0500 (Fri, 04 Feb 2011)
New Revision: 110541
Modified:
projects/security/security-jboss-sx/branches/2.0.4.SP4_SECURITY-563/jbosssx/src/main/java/org/jboss/resource/security/SecureIdentityLoginModule.java
Log:
Back port of JIRA SECURITY-563.
Modified: projects/security/security-jboss-sx/branches/2.0.4.SP4_SECURITY-563/jbosssx/src/main/java/org/jboss/resource/security/SecureIdentityLoginModule.java
===================================================================
--- projects/security/security-jboss-sx/branches/2.0.4.SP4_SECURITY-563/jbosssx/src/main/java/org/jboss/resource/security/SecureIdentityLoginModule.java 2011-02-04 15:47:47 UTC (rev 110540)
+++ projects/security/security-jboss-sx/branches/2.0.4.SP4_SECURITY-563/jbosssx/src/main/java/org/jboss/resource/security/SecureIdentityLoginModule.java 2011-02-04 15:59:11 UTC (rev 110541)
@@ -187,6 +187,14 @@
{
encoding[i + pad] = old[i];
}
+ //SECURITY-563: handle negative numbers
+ if (n.signum() == -1)
+ {
+ for (int i = 0; i < newLength - length; i++)
+ {
+ encoding[i] = (byte) -1;
+ }
+ }
}
Cipher cipher = Cipher.getInstance("Blowfish");
@@ -205,4 +213,4 @@
String encode = encode(args[0]);
System.out.println("Encoded password: "+encode);
}
-}
\ No newline at end of file
+}
More information about the jboss-cvs-commits
mailing list