[PATCH FOR REVIEW] Potential Buffer Overflow in java_props_md.c (original) (raw)
Andrew Hughes ahughes at redhat.com
Wed Aug 1 21🔞04 UTC 2012
- Previous message: [PATCH FOR REVIEW] Potential Buffer Overflow in java_props_md.c
- Next message: [PATCH FOR REVIEW] Potential Buffer Overflow in java_props_md.c
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----- Original Message -----
On 01/08/2012 14:52, Andrew Hughes wrote: > : > > > In any case, there is a Sun bug open for this: > > 6844255: Potential stack corruption in GetJavaProperties > > Can I take it that I can just get on and push Omair's extended > version now then, > with that bug ID? Yes, go ahead, I should have said that in my mail.
Thanks.
Done: http://mail.openjdk.java.net/pipermail/core-libs-dev/2012-August/010993.html
with Omair as author and yourself and I as reviewers.
> Well, the locale can be set be an environment variable, so it could > potentially > be anything of any length... > > The Debian bug posted above has an example, though I couldn't > replicate it. > I couldn't replicate it either and was just curious if anyone managed to demonstrate it.
Yeah, I tend to think it's more potentially exploitable rather than something that's actually been hit.
-Alan.
Thanks,
Andrew :)
Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com)
PGP Key: 248BDC07 (https://keys.indymedia.org/) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07
- Previous message: [PATCH FOR REVIEW] Potential Buffer Overflow in java_props_md.c
- Next message: [PATCH FOR REVIEW] Potential Buffer Overflow in java_props_md.c
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]