Thanks for the review, Xuelei. I'll make that change and run it through the tests.
--Jamil -------- Original message -------- From: Xuelei Fan <[email protected]> Date: 01/22/2015 4:26 PM (GMT-08:00) To: [email protected] Subject: Re: RFR 8044860: Vectors and fixed length fields should be verified for allowed sizes I may use SSLProtocolException if the size of session ID is bigger than 32. Otherwise, looks fine to me. Xuelei On 1/23/2015 2:35 AM, Jamil Nimeh wrote: > Hi all, > > This review is to provide length checks on the session ID for SSL/TLS > connections. It appears to be the only vector/array that needs > additional length-checks to make sure it's not exceeding 32 bytes. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8044860 > Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8044860/webrev.01 > > Thanks, > --Jamil
