IBM Support

IV67766: ISSUE FOR NEGATIVE BYTE MAJOR RECORD VERSION

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Error Message: During the checking of invalid record version, a
    byte to byte comparingis coded as:if (...recordVersion.major >
    ProtocolVersion.MAX.major) {throw new
    SSLException}"recordVersion.major" and
    "ProtocolVersion.MAX.major" is byte type,which is signed.  If
    the major version is "0xa9", recordVersion.major isa negative
    value (-87).  If ProtocolVersion.MAX.major is positive,
    thechecking above does not work any more.
    .
    Stack Trace: N.A.
    .
    

Local fix

Problem summary

  • The current implementation cannot catch the bad record version
    if the major version byte is negative.
    

Problem conclusion

  • Convert byte to positive integer before making comparison.The
    corresponding Austin defect is 116146.The corresponding Hursley
    defect is 202573.The corresponding RTC Problem Report is
    80540.Platform affected: All platforms.JVMs affected: 5.0, 6.0,
    6.26, 7.0, 7.27.Jars affected: ibmjsseprovider2.jar.The fix will
    be available in 150_SR16_FP9, 160_SR16_FP3, 626_SR8_FP3,
    170_SR8_FP10, 727_SR2_FP10.Build level is 20141201.
    .
    This APAR will be fixed in the following Java Releases:
       6 R1 SR8 FP3   (6.1.8.3)
       7    SR8 FP10  (7.0.8.10)
       7 R1 SR2 FP10  (7.1.2.10)
       6    SR16 FP3  (6.0.16.3)
       5.0  SR16 FP9  (5.0.16.9)
    .
    Contact your IBM Product's Service Team for these Service
    Refreshes and Fix Packs.
    For those running stand-alone, information about the Service
    Refreshes and Fix Packs can be found at:
               https://www.ibm.com/developerworks/java/jdk/
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV67766

  • Reported component name

    JAVA 5 SECURITY

  • Reported component ID

    620500125

  • Reported release

    500

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-12-10

  • Closed date

    2014-12-10

  • Last modified date

    2014-12-12

  • APAR is sysrouted FROM one or more of the following:

    IV67765

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    JAVA 5 SECURITY

  • Fixed component ID

    620500125

Applicable component levels

  • R500 PSY

       UP



Document information

More support for: Runtimes for Java Technology
Security

Software version: 5.0

Reference #: IV67766

Modified date: 12 December 2014