8219389: Delegated task created by SSLEngine throws BufferUnderflowException

Reviewed-by: ascarpino

src/java.base/share/classes/sun/security/ssl/ClientHello.java

@@ -803,13 +803,8 @@ final class ClientHello {
                     shc.sslConfig.getEnabledExtensions(
                             SSLHandshake.CLIENT_HELLO);
 
-            ClientHelloMessage chm;
-            try {
-                chm = new ClientHelloMessage(shc, message, enabledExtensions);
-            } catch (Exception e) {
-                throw shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
-                        "ClientHelloMessage failure", e);
-            }
+            ClientHelloMessage chm =
+                    new ClientHelloMessage(shc, message, enabledExtensions);
             if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
                 SSLLogger.fine("Consuming ClientHello handshake message", chm);
             }

src/java.base/share/classes/sun/security/ssl/HandshakeContext.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,8 @@
 package sun.security.ssl;
 
 import java.io.IOException;
+import java.nio.BufferOverflowException;
+import java.nio.BufferUnderflowException;
 import java.nio.ByteBuffer;
 import java.security.AlgorithmConstraints;
 import java.security.CryptoPrimitive;
@@ -443,6 +445,10 @@ abstract class HandshakeContext implements ConnectionContext {
             throw conContext.fatal(Alert.UNEXPECTED_MESSAGE,
                     "Unsupported handshake message: " +
                     SSLHandshake.nameOf(handshakeType), unsoe);
+        } catch (BufferUnderflowException | BufferOverflowException be) {
+            throw conContext.fatal(Alert.DECODE_ERROR,
+                    "Illegal handshake message: " +
+                    SSLHandshake.nameOf(handshakeType), be);
         }
 
         // update handshake hash after handshake message consumption.

src/java.base/share/classes/sun/security/ssl/PostHandshakeContext.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,8 @@
 package sun.security.ssl;
 
 import java.io.IOException;
+import java.nio.BufferOverflowException;
+import java.nio.BufferUnderflowException;
 import java.nio.ByteBuffer;
 import java.util.ArrayList;
 import java.util.LinkedHashMap;
@@ -74,6 +76,10 @@ final class PostHandshakeContext extends HandshakeContext {
             throw conContext.fatal(Alert.UNEXPECTED_MESSAGE,
                     "Unsupported post-handshake message: " +
                             SSLHandshake.nameOf(handshakeType), unsoe);
+        } catch (BufferUnderflowException | BufferOverflowException be) {
+            throw conContext.fatal(Alert.DECODE_ERROR,
+                    "Illegal handshake message: " +
+                    SSLHandshake.nameOf(handshakeType), be);
         }
     }
 }

test/jdk/javax/net/ssl/interop/ClientHelloBufferUnderflowException.java

@@ -28,7 +28,7 @@
 
 /*
  * @test
- * @bug 8215790
+ * @bug 8215790 8219389
  * @summary Verify exception
  * @modules java.base/sun.security.util
  * @run main/othervm ClientHelloBufferUnderflowException
@@ -45,12 +45,15 @@ public class ClientHelloBufferUnderflowException extends ClientHelloInterOp {
         try {
             (new ClientHelloBufferUnderflowException()).run();
         } catch (SSLHandshakeException e) {
-            System.out.println("Correct exception thrown");
+            System.out.println("Correct exception thrown: " + e);
+            return;
         } catch (Exception e) {
             System.out.println("Failed: Exception not SSLHandShakeException");
             System.out.println(e.getMessage());
             throw e;
         }
+
+        throw new Exception("No expected exception");
     }
 
     @Override
@@ -76,6 +79,7 @@ public class ClientHelloBufferUnderflowException extends ClientHelloInterOp {
         } catch (Exception e) {
             // ignore
         }
+
         return bytes;
     }
 }