Uploaded image for project: 'WSS4J'
  1. WSS4J
  2. WSS-324

org.apache.ws.security.str.SignatureSTRParser throws ArrayIndexOutOfBoundsException: 0 when crypto returns zero-length array of certificates

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Trivial
    • Resolution: Fixed
    • 1.6.3
    • 1.6.4
    • WSS4J Handlers
    • None

    Description

      Line 191 and below:

      X509Certificate[] foundCerts = secRef.getX509IssuerSerial(crypto);
      if (foundCerts != null) {
      certs = new X509Certificate[]

      {foundCerts[0]};
      }

      Should be:
      X509Certificate[] foundCerts = secRef.getX509IssuerSerial(crypto);
      if (foundCerts != null && foundCerts.length > 0) {
      certs = new X509Certificate[]{foundCerts[0]}

      ;
      }

      Attachments

        Activity

          People

            coheigea Colm O hEigeartaigh
            marekcyzio Marek Cyzio
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - 2h
                2h
                Remaining:
                Remaining Estimate - 2h
                2h
                Logged:
                Time Spent - Not Specified
                Not Specified