[jboss-jira] [JBoss JIRA] (ELY-1049) Coverity, division by zero in KeyStoreCredentialStore (Elytron)

Ilia Vassilev (JIRA) issues at jboss.org
Mon Apr 3 08:10:01 EDT 2017


     [ https://issues.jboss.org/browse/ELY-1049?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ilia Vassilev reassigned ELY-1049:
----------------------------------

    Assignee: Ilia Vassilev  (was: Darran Lofthouse)


> Coverity, division by zero in KeyStoreCredentialStore (Elytron)
> ---------------------------------------------------------------
>
>                 Key: ELY-1049
>                 URL: https://issues.jboss.org/browse/ELY-1049
>             Project: WildFly Elytron
>          Issue Type: Bug
>            Reporter: Martin Choma
>            Assignee: Ilia Vassilev
>            Priority: Critical
>
> Coverity found a possible division by zero in the code.
> https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=12563831&defectInstanceId=2991543&mergedDefectId=1422738
> {code:java|title=KeyStoreCredentialStore.java}
>         private byte[] pkcs7Pad(byte[] buffer, int blockSize) {
>             int len = buffer.length;
>             int toFill = blockSize - (len % blockSize);
>             byte[] padded = Arrays.copyOf(buffer, toFill + len);
>             Arrays.fill(padded, len, padded.length, (byte) toFill);
>             return padded;
>         }
> {code}
> blockSize could be 0 as {{encrypt.getBlockSize()}} returns 0 if the algorithm used is not block-based. Although the default cryptographic algorithm is block-based {{DEFAULT_CRYPTOGRAPHIC_ALGORITHM = "AES/CBC/NoPadding"}}, this is configurable with the {{cryptoAlg}} option and thus a non-block-based algorithm can be configured.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
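
Added example (not part of the original message and not Elytron's code): the padding routine quoted in the report with the block size validated before the modulo, run against the default transformation named in the report and against a stream cipher. The class name, the exception choice and the use of ARCFOUR as the non-block cipher are assumptions made for illustration; it assumes the JDK's default provider offers ARCFOUR.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import javax.crypto.Cipher;

public class Pkcs7PadGuardDemo {

    // Same padding logic as the snippet in the report, with blockSize checked first.
    static byte[] pkcs7Pad(byte[] buffer, int blockSize) {
        // Cipher.getBlockSize() returns 0 when the cipher is not a block cipher.
        // Without this check, (len % blockSize) throws ArithmeticException: / by zero.
        // PKCS#7 also stores the pad length in a single byte, hence the upper bound.
        if (blockSize <= 0 || blockSize > 255) {
            throw new IllegalArgumentException(
                "PKCS#7 padding needs a block size in 1..255, got " + blockSize);
        }
        int len = buffer.length;
        int toFill = blockSize - (len % blockSize);
        byte[] padded = Arrays.copyOf(buffer, toFill + len);
        Arrays.fill(padded, len, padded.length, (byte) toFill);
        return padded;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed sample input, not real credential data.
        byte[] secret = "constructed sample".getBytes(StandardCharsets.UTF_8);

        // First entry is the default from the report; the second is a stream
        // cipher standing in for a non-block-based cryptoAlg setting (assumption).
        String[] transformations = { "AES/CBC/NoPadding", "ARCFOUR" };

        for (String transformation : transformations) {
            int blockSize = Cipher.getInstance(transformation).getBlockSize();
            try {
                byte[] padded = pkcs7Pad(secret, blockSize);
                System.out.printf("%s: blockSize=%d, %d -> %d bytes%n",
                    transformation, blockSize, secret.length, padded.length);
            } catch (IllegalArgumentException e) {
                // A configuration error is reported instead of an unchecked
                // ArithmeticException surfacing from inside the padding code.
                System.out.printf("%s: blockSize=%d rejected: %s%n",
                    transformation, blockSize, e.getMessage());
            }
        }
    }
}
```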

