Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1048

Coverity, ignoring number of bytes read

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 1.1.0.Beta42
    • None
    • None
    • None

      Coverity found error handling of reading stream is not sufficient. There is no check if number of actual read bytes match number of expected read bytes .

      KeyStoreCredentialStore.java
              private byte[] readBytes(ObjectInputStream ois) throws IOException {
            int len = ois.readInt();
            byte[] data = new byte[len];
            ois.read(data, 0, len);
            return data;
        }

      [1] https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=12563831&defectInstanceId=2991439&mergedDefectId=1422737

            rhn-support-ivassile Ilia Vassilev
            mchoma@redhat.com Martin Choma
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: