[
https://issues.apache.org/jira/browse/WSS-52?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12587722#action_12587722
]
Fred Dushin commented on WSS-52:
--------------------------------
The code in question was removed at r525249:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java?p2=%2Fwebservices%2Fwss4j%2Ftrunk%2Fsrc%2Forg%2Fapache%2Fws%2Fsecurity%2Fhandler%2FWSHandler.java&p1=%2Fwebservices%2Fwss4j%2Ftrunk%2Fsrc%2Forg%2Fapache%2Fws%2Fsecurity%2Fhandler%2FWSHandler.java&r1=525249&r2=525248&view=diff&pathrev=525249
which involved closure of WSS-71
Ruchith, would you have any idea of whether the functionality that was removed
was replaced with anything in Merlin? If so, perhaps this bug can be closed?
> ArrayIndexOutOfBoundsException if certs.length > 1
> --------------------------------------------------
>
> Key: WSS-52
> URL: https://issues.apache.org/jira/browse/WSS-52
> Project: WSS4J
> Issue Type: Bug
> Reporter: Thomas Leonard
> Attachments: wshandler2.patch
>
>
> In WSHandler.java we have (revision 427569):
> X509Certificate[] x509certs = new X509Certificate[certs.length +
> 1];
> // Then add the first certificate ...
> x509certs[0] = cert;
> // ... and the other certificates
> for (int j = 0; j < certs.length; j++) {
> cert = certs[i];
> x509certs[certs.length + j] = cert;
> }
> So, the highest index available in x509certs is "certs.length", while the
> highest index we write to is "certs.length * 2 - 1".
> This code will only work if certs.length < 2.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
