MessageUtils JVM crash
Marc Schoenefeld
mschoene at redhat.com
Tue Jun 16 16:46:33 UTC 2009
Hi,
originally I wrote a fuzzing tool to test all native functions in jdk131
, then gave a list of the results to the Sun representatives at RSA
conference 2003.
Unfortunately I never received any reaction to this bug report, nor were
the bugs fixed. So I put the bugs in a drawer, but used the chance to
write a fix
for OpenJDK.
Setting the parameter to null could allow an attacker to conduct denial
of service attacks:
-
http://www.blackhat.com/presentations/win-usa-03/bh-win-03-schoenfeld.pdf
or
- http://seclists.org/bugtraq/2003/Sep/0270.html
Cheers
Marc
Lillian Angel wrote:
> Alan Bateman wrote:
>> Lillian Angel wrote:
>>> Hi,
>>>
>>> I opened a bug report about a JVM crash. Test case and patch are
>>> attached.
>>>
>>> https://bugs.openjdk.java.net/show_bug.cgi?id=100074
>>>
>>>
>>> Cheers,
>>> Lillian
>> Out of curiosity, how did you run into this? Just wondering if there
>> is somewhere in the JDK that does call it with null (I see the test
>> case is calling sun.misc.MessageUtil directly, somewhere that
>> applications should never do).
>
>
> I have CC'ed Marc Schoenfeld, he initially ran into this problem.
>
>
> Lillian
--
Marc Schoenefeld / Red Hat Security Response Team
More information about the core-libs-dev
mailing list