Re: RFR (S): JDK-8149169 - SSLSocketInputRecord.decodeInputRecord buffer overflow

Hi Christoph, Thank you for taking care of this issue. Some minor comments: SSLSocketImpl.java -- 1012if (buffer != null && (buffer.limit() < inputRecord.bytesInCompletePacket(sockInput))) 1013 return 0; 1. It would be nice to keep the line less than 80 characters.

Re: Code Review Request, 8152221 Use try-with-resource in test templates

Great, looks fine. Thanks Max > On Mar 19, 2016, at 10:16 PM, Xuelei Fan wrote: > > Hi, > > Please review this test update for JDK-8152221: > > http://cr.openjdk.java.net/~xuelei/8152221/webrev.00/ > > The templates for SSL/TLS implementation testing are updated to

Code Review Request, 8152221 Use try-with-resource in test templates

Hi, Please review this test update for JDK-8152221: http://cr.openjdk.java.net/~xuelei/8152221/webrev.00/ The templates for SSL/TLS implementation testing are updated to use try-with-resource statements. Thanks, Xuelei

Re: RFR 8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions

Much better, and thank you for fixing the existing mkdir/echo lines too. Just one nit, for this continuation: $(TOOL_CACERTSHASHER) -i $(GENDATA_CACERTSHASHER_IN) \ -o $(GENDATA_CACERTSHASHER) please use tab+4spaces for the second line. No need to resend webrev for that. See

Re: JDK 9 RFR of JDK-8151763; Use more informative format for problem list

Hi Jon, Noted; I'll make that improvement in the next round. Thanks for pointing this out, -Joe On 3/16/2016 4:50 PM, Jonathan Gibbons wrote: On 03/11/2016 07:28 PM, joe darcy wrote: Hello, As Jon Gibbons has noted off-list, the problem list entries can directly include the bug number

RE: RFR (S): JDK-8149169 - SSLSocketInputRecord.decodeInputRecord buffer overflow

Hi Xuelei, thanks for your feedback. I tried to address all your points and made the test case more robust. For SSLSocketImpl I also took the chance to remove 2 unused fields, hope that's ok. And I put the buffer length check in the block of handling non null buffer input. If you are

RFR (S): JDK-8149169 - SSLSocketInputRecord.decodeInputRecord buffer overflow

Hi, I think I've found a way to fix the issue which looks quite reasonable to me. Would you please comment/review it? I've also included a test to reproduce the issue. Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8149169.1/ Bug: https://bugs.openjdk.java.net/browse/JDK-8149169

Re: JDK 9 RFR of JDK-8151763; Use more informative format for problem list

On 03/11/2016 07:28 PM, joe darcy wrote: Hello, As Jon Gibbons has noted off-list, the problem list entries can directly include the bug number associated with the test in question, enabling better reporting. This format should be used rather than the current convention of putting the bug

Re: RFR (S): JDK-8149169 - SSLSocketInputRecord.decodeInputRecord buffer overflow

Looks fine to me. The test passed, and I pushed the changeset. http://hg.openjdk.java.net/jdk9/dev/jdk/rev/d6a0479363ed Thanks, Xuelei On 3/18/2016 5:33 PM, Langer, Christoph wrote: > Sorry, forgot the new webrev: > http://cr.openjdk.java.net/~clanger/webrevs/8149169.2/ > > >>