Request for approval: Bug 100057 - Potential stack corruption in GetJavaProperties

David Holmes - Sun Microsystems David.Holmes at Sun.COM
Fri May 22 11:34:20 UTC 2009


Hi Andrew,

If you use malloc then you have to check for a NULL return and deal with the error possibility.

Alternatively use strncpy to make sure it's safe and continue to assume that it will be big enough.

Cheers, David Holmes

Andrew Haley said the following on 05/22/09 21:10:

https://bugs.openjdk.java.net/showbug.cgi?id=100057

GetJavaProperties has a stack-allocated fixed size buffer for holding a copy of a string returned by setlocale(3). However, there is no guarantee that the string will fit into this buffer. This one is probably due to Solaris code being reused for Linux.

The patch has been in IcedTea for a long while.

OK to push, OpenJDK 7 and 6?

Andrew.

--- oldopenjdk6/jdk/src/solaris/native/java/lang/javapropsmd.c 2008-08-28 04:15:51.000000000 -0400 +++ openjdk/jdk/src/solaris/native/java/lang/javapropsmd.c 2008-09-15 10:37:26.000000000 -0400 @@ -211,7 +211,9 @@ * .@ * , , and are optional. */ - char temp[64]; + char * temp; + temp = (char*) malloc(strlen(lc)+1); + char *language = NULL, *country = NULL, *variant = NULL, *encoding = NULL; char *stdlanguage = NULL, *stdcountry = NULL, *stdvariant = NULL, @@ -323,6 +325,9 @@ /* return same result nllanginfo would return for enUK, * in order to use optimizations. */ stdencoding = (*p != '\0') ? p : "ISO8859-1"; + + /* Free temp */ + free(temp); #ifdef linux
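Review bot: in the first hunk, `temp = (char*) malloc(strlen(lc)+1);` is never checked for NULL in the lines shown, so an allocation failure would reach the first write through `temp`. Add a check directly after the allocation and take the function's error path when it fails. The assignment also sits above the `char *language = NULL, ...` declarations, which puts a statement before declarations; writing it as an initializer, `char *temp = malloc(strlen(lc)+1);`, with the NULL check after the last declaration, keeps the block acceptable to C89 compilers.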
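Review bot: `free(temp);` in the second hunk comes directly after `stdencoding = (*p != '\0') ? p : "ISO8859-1";` and before the `#ifdef linux` block, so please confirm that neither `p` nor the `language`, `country`, `variant` and `encoding` pointers still point into `temp` when they are read after this line; if any of them does, the free has to move below its last use. This is also the only `free` in the patch, so any return taken between the allocation and this point would leak the buffer.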
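The two options raised in the reply above (a heap copy with a NULL check, or a bounded copy into the existing 64-byte buffer), as an added C example that is not part of the thread or of the OpenJDK patch. `LOCALE_BUF`, `copy_locale_fixed` and `copy_locale_heap` are hypothetical names, and the oversized input is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LOCALE_BUF 64   /* hypothetical name; same size as char temp[64] */

/* Option 1: keep the fixed buffer, bound the copy, report truncation.
 * strncpy leaves dst unterminated when src fills it, so terminate
 * explicitly. Returns 0 on success, -1 if src is NULL or did not fit. */
int copy_locale_fixed(char dst[LOCALE_BUF], const char *src)
{
    if (src == NULL)
        return -1;
    strncpy(dst, src, LOCALE_BUF - 1);
    dst[LOCALE_BUF - 1] = '\0';
    return strlen(src) < LOCALE_BUF ? 0 : -1;
}

/* Option 2: size the copy from the input and check the allocation.
 * Returns NULL if src is NULL or malloc fails; the caller must free(). */
char *copy_locale_heap(const char *src)
{
    size_t n;
    char *copy;
    if (src == NULL)
        return NULL;
    n = strlen(src) + 1;
    copy = malloc(n);
    if (copy == NULL)
        return NULL;
    memcpy(copy, src, n);
    return copy;
}

int main(void)
{
    /* Constructed input: a locale string far longer than 64 bytes. */
    char big[200], fixed[LOCALE_BUF], *heap;
    int rc;

    memset(big, 'x', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    rc = copy_locale_fixed(fixed, big);
    printf("fixed: rc=%d, kept %zu bytes\n", rc, strlen(fixed));
    heap = copy_locale_heap(big);
    printf("heap:  %zu bytes\n", heap ? strlen(heap) : (size_t)0);
    free(heap);
    return 0;
}
```

With the fixed buffer the caller has to decide what a truncated locale name means; with the heap copy the caller has to handle NULL and free the buffer only after the last pointer into it has been used.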


