RFR: 8303669: SelectVersion indexes past the end of the argv array
Alan Bateman
alanb at openjdk.org
Thu May 4 06:50:16 UTC 2023
On Wed, 3 May 2023 12:03:34 GMT, Adam Sotona <asotona at openjdk.org> wrote:
> libjli/java.c's SelectVersion method receives argc and argv but ignores argc in some circumstances an instead checks if *argv == 0 in its while loop, which results in a segmentation fault if the provided array is not NULL terminated.
>
> This patch counts down argc in the while loops instead of looking for zero termination.
>
> Please review.
>
> Thank you,
> Adam
I think this bug report is a reminder that we need to figure out if JLI was documented at some point, it's surprising to have something outside of the JDK using it directly.
Also are you planning to add a test for this?
-------------
PR Comment: https://git.openjdk.org/jdk/pull/13775#issuecomment-1534173309
More information about the core-libs-dev
mailing list