RFR(xs): 8155574: ClassLoader::initialize_module_loader_map crashes if the char_buf is not NULL terminated
Jiangli Zhou
jiangli.zhou at oracle.com
Fri May 6 16:08:41 UTC 2016
> On May 6, 2016, at 4:14 AM, Ioi Lam <ioi.lam at oracle.com> wrote:
>
> Hi Calvin,
>
> char* char_buf = (char*)buffer;
> - int buflen = (int)strlen(char_buf);
> char* begin_ptr = char_buf;
> char* end_ptr = strchr(begin_ptr, '\n');
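Review bot: the strchr(begin_ptr, '\n') call kept on the last context line is still unbounded once the strlen() line is removed, because it scans until it meets a newline or a NUL byte and so depends on the same terminator. Consider bounding the search with memchr() over the number of bytes remaining in the buffer, or making sure the buffer is terminated before this point.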
>
> The strchr() function also expects the buffer to be NUL terminated. So you might have a problem later:
>
> 985 end_ptr = strchr(begin_ptr, '\n'); <<<<< HERE
> 986 }
>
> It will be much safer if you allocate an extra byte, and explicitly set it to zero:
>
> char* buffer = NEW_RESOURCE_ARRAY(char, size+1);
> buffer[size] = '\0';
Good catch. Allocating with an extra byte is a safer solution here.
Thanks,
Jiangli
>
> Thanks
> - Ioi
>
>
>
> On 5/5/16 11:20 AM, Calvin Cheung wrote:
>>
>> Please review this small change to fix the case where char_buf may not be NULL terminated.
>> Instead of finding the length of char_buf by using strlen(), this fix uses the size returned from JImageFindResource().
>>
>> bug: https://bugs.openjdk.java.net/browse/JDK-8155574
>> webrev: http://cr.openjdk.java.net/~ccheung/8155574/webrev.00/
>>
>> Testing:
>> JPRT
>> RBT on hotspot_runtime
>>
>> thanks,
>> Calvin
>
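The two ways of scanning a length-delimited buffer discussed in this thread, as an added example that is not part of the original messages or the HotSpot sources. It goes slightly beyond the thread by also showing a memchr()-bounded scan next to the size+1 approach; the function names and sample bytes are constructed, and malloc() stands in for NEW_RESOURCE_ARRAY.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample data: raw bytes with no terminating NUL. */
static const char SAMPLE[] = {'j','a','v','a','.','b','a','s','e','\n',
                              'j','a','v','a','.','s','q','l'};
static const char SAMPLE_NUL[] = {'a','\n','\0','b','\n','c'};

/* Hypothetical helper: count lines in exactly `size` bytes using memchr(),
 * so the scan never reads past the buffer and needs no terminator. */
size_t count_lines_bounded(const char *buf, size_t size) {
    const char *p = buf, *end = buf + size;
    size_t lines = 0;
    while (p < end) {
        const char *nl = memchr(p, '\n', (size_t)(end - p));
        lines++;
        if (nl == NULL) break;          /* last line has no trailing '\n' */
        p = nl + 1;
    }
    return lines;
}

/* Hypothetical helper: the size+1 approach from the thread. strchr() is safe
 * on the copy because copy[size] is always '\0'. Returns (size_t)-1 on OOM. */
size_t count_lines_terminated(const char *buf, size_t size) {
    char *copy = malloc(size + 1);
    if (copy == NULL) return (size_t)-1;
    memcpy(copy, buf, size);
    copy[size] = '\0';
    size_t lines = 0;
    for (char *begin = copy; *begin != '\0'; ) {
        char *nl = strchr(begin, '\n');
        lines++;
        if (nl == NULL) break;
        begin = nl + 1;
    }
    free(copy);
    return lines;
}

int main(void) {
    printf("%zu %zu\n", count_lines_bounded(SAMPLE, sizeof SAMPLE),
           count_lines_terminated(SAMPLE, sizeof SAMPLE));
    printf("%zu %zu\n", count_lines_bounded(SAMPLE_NUL, sizeof SAMPLE_NUL),
           count_lines_terminated(SAMPLE_NUL, sizeof SAMPLE_NUL));
    return 0;
}
```

Both functions stay inside the buffer, but they differ on data with an embedded NUL: the terminated copy stops at the first zero byte, while the bounded scan covers all `size` bytes.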