From db89805fe0329ba66fd29d97890af34a3633514d Mon Sep 17 00:00:00 2001
From: Ivan Gerasimov <igerasim@openjdk.org>
Date: Fri, 18 Jan 2019 15:44:17 -0800
Subject: [PATCH] 8217344: Make comparison overflow-aware in
 ECDHKeyAgreement.engineGenerateSecret()

Reviewed-by: apetcher
---
 .../share/classes/sun/security/ec/ECDHKeyAgreement.java       | 4 ++--
 .../share/classes/sun/security/ec/ECDSASignature.java         | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java
index 9540a2d0e7c..20558211f3e 100644
--- a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java
+++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -178,7 +178,7 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
     @Override
     protected int engineGenerateSecret(byte[] sharedSecret, int
             offset) throws IllegalStateException, ShortBufferException {
-        if (offset + secretLen > sharedSecret.length) {
+        if (secretLen > sharedSecret.length - offset) {
             throw new ShortBufferException("Need " + secretLen
                 + " bytes, only " + (sharedSecret.length - offset)
                 + " available");
diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java
index 9a7a671b062..c207520a192 100644
--- a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java
+++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -163,7 +163,7 @@ abstract class ECDSASignature extends SignatureSpi {
             if (len <= 0) {
                 return;
             }
-            if (offset + len >= precomputedDigest.length) {
+            if (len >= precomputedDigest.length - offset) {
                 offset = RAW_ECDSA_MAX + 1;
                 return;
             }