From 3a41c2175c622a1cc4e8470b1fff6d51a10fe462 Mon Sep 17 00:00:00 2001
From: Anthony Scarpino
Date: Thu, 17 Nov 2016 09:51:10 -0800
Subject: [PATCH] 8168705: Better ObjectIdentifier validation

Reviewed-by: mullan, asmotrak, ahgross
---
 .../share/classes/sun/security/util/ObjectIdentifier.java | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/jdk/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java b/jdk/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java
index 0e9bd41a71c..12aabe6f071 100644
--- a/jdk/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java
+++ b/jdk/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java
@@ -255,7 +255,13 @@ class ObjectIdentifier implements Serializable
 + " (tag = " + type_id + ")"
 );

- encoding = new byte[in.getDefiniteLength()];
+ int len = in.getDefiniteLength();
+ if (len > in.available()) {
+ throw new IOException("ObjectIdentifier() -- length exceeds" +
+ "data available. Length: " + len + ", Available: " +
+ in.available());
+ }
+ encoding = new byte[len];
 in.getBytes(encoding);
 check(encoding);
 }
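Review bot: The message in the added `throw new IOException(...)` joins `"ObjectIdentifier() -- length exceeds"` and `"data available. Length: "` with no space between them, so it prints as `length exceedsdata available`; end the first literal with a space, `"ObjectIdentifier() -- length exceeds "`. The guard also deserves a one-line comment, for example `// reject a declared length larger than the remaining input before sizing the buffer from it`, because the declared length comes from the encoded data and would otherwise size the allocation unchecked. The comparison assumes `getDefiniteLength()` never returns a negative value, which this hunk does not show; confirm that in `DerInputStream` or reject `len < 0` here as well. The enclosing constructor begins outside the hunk.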