RFR: 8329961: Buffer overflow in os::Linux::kernel_version [v2]

Johan Sjölen jsjolen at openjdk.org
Tue Apr 9 13:54:25 UTC 2024


> Hi,
> 
> There was a bug in the original implementation of `os::Linux::kernel_version` which this PR fixes. Namely, the comparison `walker != nullptr` is wrong; the intended comparison was `*walker != '\0'` or `walker[0] != '\0'`. This means that if a bad/unexpected version string is encountered, the `walker` would read past the string.
> 
> We fix this by applying the correct comparison and adding some basic tests.
> 
> @luhenry, @robehn. You attempted to create automatic backport branches on this in the original PR; can you check whether this fix also needs to be backported to the mentioned versions? The original PR link is this: https://github.com/openjdk/jdk/pull/17889

Johan Sjölen has updated the pull request incrementally with one additional commit since the last revision:

  Upgrade test to fail loudly if a read or write is performed
  
  out of bounds of the string

-------------

Changes:
  - all: https://git.openjdk.org/jdk/pull/18697/files
  - new: https://git.openjdk.org/jdk/pull/18697/files/30d9c254..8882a451

Webrevs:
 - full: https://webrevs.openjdk.org/?repo=jdk&pr=18697&range=01
 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=18697&range=00-01

  Stats: 10 lines in 1 file changed: 6 ins; 0 del; 4 mod
  Patch: https://git.openjdk.org/jdk/pull/18697.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/18697/head:pull/18697

PR: https://git.openjdk.org/jdk/pull/18697
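
The comparison discussed in the message above, as an added example that is not taken from the PR or from HotSpot: a walker loop using `*walker != '\0'`, exercised on release strings placed directly in front of an inaccessible page so that an out-of-bounds read, or any write, faults. `parse_kernel_version`, `guarded_copy` and `check` are hypothetical names, the guard-page approach is an assumption about one way to make such a test fail loudly, and the sample strings are constructed.

```cpp
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

// Hypothetical stand-in for the parsing loop (not HotSpot's code): stores the
// first two integers of a release string, leaving -1 for any that is missing.
void parse_kernel_version(const char* release, long* major, long* minor) {
  *major = *minor = -1;
  const char* walker = release;
  long* slot = major;
  // Buggy condition: `walker != nullptr`. An incremented pointer never becomes
  // null, so a string with fewer than two numbers is walked past its end.
  while (*minor == -1 && *walker != '\0') {
    if (!isdigit((unsigned char)*walker)) { ++walker; continue; }
    char* end = nullptr;
    *slot = strtol(walker, &end, 10);
    walker = end;
    slot = minor;
  }
}

// Copies `s` read-only with its terminator as the last byte before a PROT_NONE
// page, so a read past the end or any write faults. The mapping is leaked.
const char* guarded_copy(const char* s) {
  const size_t page = (size_t)sysconf(_SC_PAGESIZE);
  const size_t len = strlen(s) + 1;  // include the terminator
  if (len > page) return nullptr;
  void* m = mmap(nullptr, 2 * page, PROT_READ | PROT_WRITE,
                 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
  if (m == MAP_FAILED) return nullptr;
  char* dst = (char*)m + page - len;
  memcpy(dst, s, len);
  if (mprotect(m, page, PROT_READ) != 0) return nullptr;
  if (mprotect((char*)m + page, page, PROT_NONE) != 0) return nullptr;
  return dst;
}

// Parses a guarded copy of `s` and compares the result with the expected pair.
bool check(const char* s, long want_major, long want_minor) {
  const char* g = guarded_copy(s);
  long major = 0, minor = 0;
  if (g == nullptr) return false;
  parse_kernel_version(g, &major, &minor);
  return major == want_major && minor == want_minor;
}

int main() { return check("6.5.0-27-generic", 6, 5) && check("4", 4, -1) ? 0 : 1; }
```

With the `walker != nullptr` condition substituted back in, the inputs that contain fewer than two numbers crash on the guard page instead of silently reading adjacent memory.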


More information about the hotspot-runtime-dev mailing list