[jboss-cvs] JBossAS SVN: r110541 - projects/security/security-jboss-sx/branches/2.0.4.SP4_SECURITY-563/jbosssx/src/main/java/org/jboss/resource/security.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Fri Feb 4 10:59:11 EST 2011


Author: raggz
Date: 2011-02-04 10:59:11 -0500 (Fri, 04 Feb 2011)
New Revision: 110541

Modified:
   projects/security/security-jboss-sx/branches/2.0.4.SP4_SECURITY-563/jbosssx/src/main/java/org/jboss/resource/security/SecureIdentityLoginModule.java
Log:
Back port of JIRA SECURITY-563.


Modified: projects/security/security-jboss-sx/branches/2.0.4.SP4_SECURITY-563/jbosssx/src/main/java/org/jboss/resource/security/SecureIdentityLoginModule.java
===================================================================
--- projects/security/security-jboss-sx/branches/2.0.4.SP4_SECURITY-563/jbosssx/src/main/java/org/jboss/resource/security/SecureIdentityLoginModule.java	2011-02-04 15:47:47 UTC (rev 110540)
+++ projects/security/security-jboss-sx/branches/2.0.4.SP4_SECURITY-563/jbosssx/src/main/java/org/jboss/resource/security/SecureIdentityLoginModule.java	2011-02-04 15:59:11 UTC (rev 110541)
@@ -187,6 +187,14 @@
          {
             encoding[i + pad] = old[i];
          }
+	 //SECURITY-563: handle negative numbers
+         if (n.signum() == -1)
+         {
+            for (int i = 0; i < newLength - length; i++)
+            {
+               encoding[i] = (byte) -1;
+            }
+         }
       }
       
       Cipher cipher = Cipher.getInstance("Blowfish");
@@ -205,4 +213,4 @@
       String encode = encode(args[0]);
       System.out.println("Encoded password: "+encode);
    }
-}
\ No newline at end of file
+}



More information about the jboss-cvs-commits mailing list