VOOZH about

URL: https://www.ibm.com/support/pages/apar/IJ35786

⇱ IJ35786: DERINPUTSTREAM.GETOCTETSTRING() INCORRECTLY RETURNS 'NULL' INSTEAD OF AN EMPTY PADATA BYTE FOR DERVALUE ENCODING OF ZERO LENGTH.

IJ35786: DERINPUTSTREAM.GETOCTETSTRING() INCORRECTLY RETURNS 'NULL' INSTEAD OF AN EMPTY PADATA BYTE FOR DERVALUE ENCODING OF ZERO LENGTH.

APAR status

  • Closed as program error.

Error description

  • Error Message: N/A
.
Stack Trace: Java callstack:
java.lang.NullPointerException
at
com.ibm.security.util.DerOutputStream.write(DerOutputStream.java
:86)
at
com.ibm.security.util.DerOutputStream.putOctetString(DerOutputSt
ream.java:338)
at
com.ibm.security.krb5.internal.PAData.asn1Encode(PAData.java:139
)
at
com.ibm.security.krb5.internal.KDCReq.asn1Encode(KDCReq.java:166
)
at krb5.auto.KDC.processAsReq(KDC.java:1022)
at krb5.auto.KDC.processMessage(KDC.java:753)
at krb5.auto.KDC.access$1(KDC.java:751)
at krb5.auto.KDC$2.run(KDC.java:1435)
.

Local fix

  • N/A

Problem summary

  • DerInputStream.getOctetString() incorrectly returns 'null'
instead of an empty PAData byte<OSB><CSB> for DerValue
encoding of zero length.

Problem conclusion

  • Modified DerInputStream.getOctetString() to return an empty
PAData byte<OSB><CSB> instead of 'null' for DerValue
encoding of zero length.
The files affected by this APAR are: ibmpkcs.jar (Java 7 & 7.1:
build_20211026-309, Java 8: build_20211026-310).
The associated Hursley RTC Problem Report is: PR146436.
The associated Austin Git issue is: Issue #102 for PKCS.
The associated Austin APAR issue is: N/A.
.
This APAR will be fixed in the following Java Releases:
 8 SR7 FP5 (8.0.7.5)
 7 SR11 FP5 (7.0.11.5)
 7 R1 SR5 FP5 (7.1.5.5)
.
Contact your IBM Product's Service Team for these Service
Refreshes and Fix Packs.
For those running stand-alone, information about the available
Service Refreshes and Fix Packs can be found at:
 https://www.ibm.com/developerworks/java/jdk/

Temporary fix



Comments


    



APAR Information




    

  • APAR number
    IJ35786
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2021-10-26
    • 

  • Closed date
    2021-10-29
    • 

  • Last modified date
    2021-10-29
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels







 
 
 
 

 [{"Line of Business":{"code":"LOB36","label":"IBM Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270"}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 30 October 2021