Request for approval: Bug 100057 - Potential stack corruption in GetJavaProperties

Omair Majid omajid at redhat.com
Wed May 18 14:22:09 UTC 2011


On 05/18/2011 09:56 AM, Alan Bateman wrote:
> Omair Majid wrote:
>> :
>> It looks like this patch still has not been applied to OpenJDK7. I
>> have prepared
>> a webrev that updates this patch so it applies cleanly:
>> http://cr.openjdk.java.net/~omajid/webrevs/stack-overflow-ParserLocale/01/
>>
>>
>> I would appreciate it if someone could take a quick look. I would like
>> to get
>> this into OpenJDK; could someone please get me a bug id?
> I remember Andrew Haley brought this up on the list originally and it
> went through a couple of iterations. The bug that was created at the
> time is still there:
>
> 6844255: Potential stack corruption in GetJavaProperties
>

Thanks for the bug id.

> One thing that I'm still curious about is whether there are actually
> locale strings that do cause problems. Usually the language, country and
> encoding are only a few characters and I don't think I've come across
> variants that could result in a locale string of 64 or more characters
> (I'm not disputing that we should fix this, just curious how this was
> found in the first place).
>

I am curious too; I have not yet seen a reproducer. Perhaps a static 
analysis tool pointed it out? What I do know is that the original 
version of the patch (without all improvements suggested by the folks on 
this mailing list) is still part of IcedTea6.

> The changes that you have in the current webrev look okay to me. The
> question now is what to do with them. At this point only fixes to
> showstopper bugs are allowed. Do you think could you hold on to it until
> there are projects and forests setup for jdk8 and 7 updates?
>

Thanks for reviewing. Of course I can hold on to this, though I may 
forget about it after a few months :). Any idea how long until jdk8 
forests become available?

Cheers,
Omair



More information about the core-libs-dev mailing list