Hi Security-dev,

Here's a patch for bug 7172149, could anybody please help to take a look?

http://cr.openjdk.java.net/~luchsh/7172149/

The problem is that the range check in Signature.verify(byte[], int, int) uses an integer value to check whether (offset + length) is greater than signature.length, but if (offset + length) overflows, the check will fail and ArrayIndexOutOfBoundsException will be thrown instead of IllegalArgumentException. My proposed solution is to make a conversion to long in the if block.

Thanks!
- Jonathan
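Added example, not part of the original message or the linked patch: a simplified model of the range check described above, showing the int sum wrapping past the check and the same check with the sum widened to long. The class and method names (RangeCheckDemo, checkInt, checkLong, consume, outcome) and the 4-byte array are assumptions made for illustration; this is not the JDK source.

```java
public class RangeCheckDemo {
    // Check as described in the message: the sum is computed in int and can wrap.
    static void checkInt(byte[] sig, int offset, int length) {
        if (sig == null || offset < 0 || length < 0
                || offset + length > sig.length) {
            throw new IllegalArgumentException("Bad arguments");
        }
    }

    // Same check with the sum widened to long, so it cannot wrap.
    static void checkLong(byte[] sig, int offset, int length) {
        if (sig == null || offset < 0 || length < 0
                || (long) offset + length > sig.length) {
            throw new IllegalArgumentException("Bad arguments");
        }
    }

    // Hypothetical stand-in for the code that reads the validated range.
    static int consume(byte[] sig, int offset, int length) {
        int acc = 0;
        for (int i = 0; i < length; i++) {
            acc ^= sig[offset + i];
        }
        return acc;
    }

    // Runs one check followed by the read and reports what the caller would see.
    static String outcome(boolean widen, byte[] sig, int offset, int length) {
        try {
            if (widen) checkLong(sig, offset, length);
            else checkInt(sig, offset, length);
            consume(sig, offset, length);
            return "accepted";
        } catch (RuntimeException e) {
            return e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) {
        byte[] sig = new byte[4];                      // constructed sample input
        int offset = Integer.MAX_VALUE, length = 1;    // int sum wraps negative
        System.out.println("int sum:    " + (offset + length));
        System.out.println("int check:  " + outcome(false, sig, offset, length));
        System.out.println("long check: " + outcome(true, sig, offset, length));
        System.out.println("in range:   " + outcome(true, sig, 1, 3));
    }
}
```

Because offset is already known to be non-negative at that point in the condition, writing the comparison as length > sig.length - offset also avoids the overflow without widening.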
