RFR(S): 8038233 : Fix unsafe strcpy in Java_sun_tools_attach_{Aix, Bsd, Linux}VirtualMachine_connect() (original) (raw)

Volker Simonis volker.simonis at gmail.com
Fri Mar 28 15:41:27 UTC 2014

Hi Dimitry,

sorry, but I already pushed the change.

However I don't think this is a big problem because:

The only problematic case would be if the file is a listening socket of another process with appropriate permissions which should be extremely unlikely.

But in theory you're right - we may want to fix that as well.

Regards, Volker

On Fri, Mar 28, 2014 at 2:46 PM, Dmitry Samersoff <dmitry.samersoff at oracle.com> wrote:

Volker,

I think we should check the length of passed filename and throw an exception if filename is too long. Otherwise we can end up opening wrong file with possibly not expected permissions. -Dmitry On 2014-03-27 22:08, Volker Simonis wrote: Hi,

a security audit for the PPC64/AIX port revealed an unsecure useage of 'strcpy' in JavasuntoolsattachAixVirtualMachineconnect(). Because the same coding is also used in the Linux and BSD implementations, the following change fixes them all together: http://cr.openjdk.java.net/~simonis/webrevs/8038233/ https://bugs.openjdk.java.net/browse/JDK-8038233 Compiled and tested (with the com/sun/jdi, com/sun/tools/attach, com/sun/management and sun/management JTreg tests) on Linux, MacOS X and AIX. Please notice that this fix is also intended for backporting tu 8u. Thank you and best regards, Volker

-- Dmitry Samersoff Oracle Java development team, Saint Petersburg, Russia * I would love to change the world, but they won't give me the sources.

More information about the core-libs-dev mailing list