RFR: 8303669: SelectVersion indexes past the end of the argv array
Adam Sotona
asotona at openjdk.org
Thu May 4 07:22:16 UTC 2023
On Thu, 4 May 2023 06:26:53 GMT, David Holmes <dholmes at openjdk.org> wrote:
>> libjli/java.c's SelectVersion method receives argc and argv but ignores argc in some circumstances an instead checks if *argv == 0 in its while loop, which results in a segmentation fault if the provided array is not NULL terminated.
>>
>> This patch counts down argc in the while loops instead of looking for zero termination.
>>
>> Please review.
>>
>> Thank you,
>> Adam
>
> src/java.base/share/native/libjli/java.c line 1212:
>
>> 1210: *pret = 0;
>> 1211:
>> 1212: while (argc > 0 && *(arg = *argv) == '-') {
>
> AFAICS this loop terminates at line 1388 and nowhere in the loop body does argc get modified. ??
Reference to argc is passed down to GetOpt, where it is updated.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13775#discussion_r1184633184
More information about the core-libs-dev
mailing list