APAR status
Closed as program error.
Error description
Error Message: N/A . Stack Trace: Java callstack: java.lang.NullPointerException at com.ibm.security.util.DerOutputStream.write(DerOutputStream.java :86) at com.ibm.security.util.DerOutputStream.putOctetString(DerOutputSt ream.java:338) at com.ibm.security.krb5.internal.PAData.asn1Encode(PAData.java:139 ) at com.ibm.security.krb5.internal.KDCReq.asn1Encode(KDCReq.java:166 ) at krb5.auto.KDC.processAsReq(KDC.java:1022) at krb5.auto.KDC.processMessage(KDC.java:753) at krb5.auto.KDC.access$1(KDC.java:751) at krb5.auto.KDC$2.run(KDC.java:1435) .
Local fix
N/A
Problem summary
DerInputStream.getOctetString() incorrectly returns 'null' instead of an empty PAData byte<OSB><CSB> for DerValue encoding of zero length.
Problem conclusion
Modified DerInputStream.getOctetString() to return an empty PAData byte<OSB><CSB> instead of 'null' for DerValue encoding of zero length. The files affected by this APAR are: ibmpkcs.jar (Java 7 & 7.1: build_20211026-309, Java 8: build_20211026-310). The associated Hursley RTC Problem Report is: PR146436. The associated Austin Git issue is: Issue #102 for PKCS. The associated Austin APAR issue is: N/A. . This APAR will be fixed in the following Java Releases: 8 SR7 FP5 (8.0.7.5) 7 SR11 FP5 (7.0.11.5) 7 R1 SR5 FP5 (7.1.5.5) . Contact your IBM Product's Service Team for these Service Refreshes and Fix Packs. For those running stand-alone, information about the available Service Refreshes and Fix Packs can be found at: https://www.ibm.com/developerworks/java/jdk/
Temporary fix
Comments
APAR Information
APAR number
IJ35786
Reported component name
SECURITY
Reported component ID
620700125
Reported release
270
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2021-10-26
Closed date
2021-10-29
Last modified date
2021-10-29
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
[{"Line of Business":{"code":"LOB36","label":"IBM Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270"}]
Document Information
Modified date:
30 October 2021