[jcifs] OutOfBounds exception in authenticate

erez erez_levav at newyorklife.com
Thu Apr 30 18:31:10 GMT 2009 

I have been using jcifs for a while in a pilot project to establish SSO
between AD and another system.  A couple of weeks ago, it stopped working.
Since this code was not in daily use, it is hard to pinpoint what was the
chain of events, and it maybe an upgrade of (some) parts of the system,
but I see a new (and needless to say unimproved :) error:

[4/23/09 16:18:49:295 EDT] 00000065 SystemErr     R
java.lang.ArrayIndexOutOfBoundsException
        at java.lang.System.arraycopy(Native Method)
        at jcifs.ntlmssp.Type2Message.toByteArray(Type2Message.java:261)
        at jcifs.http.NtlmSsp.authenticate(NtlmSsp.java:90)
        at nyl.security.ntlm.LookupWindowsSession.processSignonRequest
(LookupWindowsSession.java:508)
        at
nyl.security.ntlm.LookupWindowsSession.doGet(LookupWindowsSession.java:767)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
        at
com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1572)
        at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest
(ServletWrapper.java:762)
        at com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest
(CacheServletWrapper.java:89)
        at
com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1936)
        at
com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:114)
        at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination
(HttpInboundLink.java:472)
        at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation
(HttpInboundLink.java:411)
        at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete
(HttpICLReadCallback.java:101)
        at
com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.
complete(SSLReadServiceContext.java:1704)
        at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.
java:566)
        at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java:
619)
        at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java:
952)
        at
com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java:
1039)
        at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1471)

Looking at the code, it is not that complicated, from Tyep2Meesage.java,
here are the lines:

            int data = 32;
            if (context != null) data += 8;
            if (targetInformation != null) data += 8;
            byte[] type2 = new byte[data + target.length +
                    (targetInformation != null ? targetInformation.length : 0)];
            System.arraycopy(NTLMSSP_SIGNATURE, 0, type2, 0, 8);
            writeULong(type2, 8, 2);
            writeSecurityBuffer(type2, 12, data, target);
            writeULong(type2, 20, flags);
  =====>    System.arraycopy(challenge != null ? challenge : new byte[8], 0,
                    type2, 24, 8);
            if (context != null) System.arraycopy(context, 0, type2, 32, 8);
            if (targetInformation != null) {
                writeSecurityBuffer(type2, 40, data + target.length,
                        targetInformation);
            }
            return type2;
        } catch (IOException ex) {
            throw new IllegalStateException(ex.getMessage());
        }
    }

I marked the line that blows up above.
Since I checked and "challenge" is not null, and is longer then 8 bytes,
I can only assume it is "type2" that is the problem -- but why????

Ideas anyone???

jcifs: 1.3.2
OS: Solaris 10 (used to be Sol 9)
Java: 1.5 (used to be 1.4)
Container: WebSphere 6.1

More information about the jcifs mailing list