Request for approval: Bug 100057 (original) (raw)
Request for approval: Bug 100057 - Potential stack corruption in GetJavaProperties
Andrew Haley aph at redhat.com
Fri May 22 11:10:00 UTC 2009
- Previous message: Request for approval: fix 4428022, System.out.println(0.001) outputs 0.0010
- Next message: Request for approval: Bug 100057 - Potential stack corruption in GetJavaProperties
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
https://bugs.openjdk.java.net/show_bug.cgi?id=100057
GetJavaProperties has a stack-allocated fixed size buffer for holding a copy of a string returned by setlocale(3). However, there is no guarantee that the string will fit into this buffer.
This one is probably due to Solaris code being reused for Linux. The patch has been in IcedTea for a long while.
OK to push, OpenJDK 7 and 6?
Andrew.
--- oldopenjdk6/jdk/src/solaris/native/java/lang/java_props_md.c 2008-08-28 04:15:51.000000000 -0400 +++ openjdk/jdk/src/solaris/native/java/lang/java_props_md.c 2008-09-15 10:37:26.000000000 -0400 @@ -211,7 +211,9 @@ * _.@ * , , and are optional. */
char temp[64];
char * temp;temp = (char*) malloc(strlen(lc)+1);char *language = NULL, *country = NULL, *variant = NULL, *encoding = NULL; char *std_language = NULL, *std_country = NULL, *std_variant = NULL,
@@ -323,6 +325,9 @@ /* return same result nl_langinfo would return for en_UK, * in order to use optimizations. */ std_encoding = (*p != '\0') ? p : "ISO8859-1"; +
/* Free temp */free(temp);
#ifdef linux
- Previous message: Request for approval: fix 4428022, System.out.println(0.001) outputs 0.0010
- Next message: Request for approval: Bug 100057 - Potential stack corruption in GetJavaProperties
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]