-
Bug
-
Resolution: Done
-
Critical
-
None
-
None
-
None
Coverity found possible division by zero code.
KeyStoreCredentialStore.java
private byte[] pkcs7Pad(byte[] buffer, int blockSize) { int len = buffer.length; int toFill = blockSize - (len % blockSize); byte[] padded = Arrays.copyOf(buffer, toFill + len); Arrays.fill(padded, len, padded.length, (byte) toFill); return padded; }
blockSize could be 0 as encrypt.getBlockSize() return 0 if used algorithm is not blocked-based. Although default cyptographic algoritm is block-based DEFAULT_CRYPTOGRAPHIC_ALGORITHM = "AES/CBC/NoPadding" , this is configurable with cryptoAlg option and thus non-block-based algorithm can be configured.
- clones
-
JBEAP-10076 Coverity, division by zero in KeyStoreCredentialStore (Elytron)
- Closed