On Tue, 22 Oct 2024 12:51:45 GMT, Mark Powers <mpow...@openjdk.org> wrote:
>> test/jdk/sun/security/x509/X509CRLImpl/UnexpectedCCE.java line 46:
>>
>>> 44: // "class sun.security.x509.OIDName cannot be cast
>>> 45: // to class sun.security.x509.X500Name"
>>> 46: byte[] encoded_1 = Base64.getDecoder().decode("""
>>
>> Could you add some comments before this line and line 59 as to what is in
>> the CRL that makes the format invalid? (Ex: This CRL contains a
>> CertificateIssuerExtension that is not compliant with RFC 5280 because it
>> does not contain a DN)
>
> The CRL is being constructed from a fuzzed data input stream. All I know is
> that the name in the CertificateIssuerExtension looks like an x509.OIDName in
> the first test, and in the second test it looks like an x509.X400Address.
>
> I can add these two comments to the test:
> "Fuzzed data input stream looks like an x509.OIDName." and
> "Fuzzed data input stream looks like an x509.X400Address.".
Yes, I think that would be helpful, but also say that these are in the
CertificateIssuerExtension so it is more clear what part of the CRL is being
tested for parsing issues.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20528#discussion_r1810840395
