RFR: 8345012: os::build_agent_function_name potentially wastes a byte when allocating the buffer [v3]

David Holmes dholmes at openjdk.org
Sat Nov 30 04:39:43 UTC 2024


On Fri, 29 Nov 2024 06:55:38 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:

>>> I think there is a preexisting error in that `name_len` is fed as `size` parameter to `strncat`. Since the buffer is already partly filled at that point, we cannot use the full buffer size but should use the size of the remaining space in the buffer.
>> 
>> @tstuefe  `name_len` is the length of the lib-name being concatenated, not the length of the buffer.
>
>> > I think there is a preexisting error in that `name_len` is fed as `size` parameter to `strncat`. Since the buffer is already partly filled at that point, we cannot use the full buffer size but should use the size of the remaining space in the buffer.
>> 
>> @tstuefe `name_len` is the length of the lib-name being concatenated, not the length of the buffer.
> 
> Okay, my fault. I thought the purpose is buffer overflow protection.

Thanks for looking at this further @tstuefe.

> I would consider adding a test for prefix (libname must start with prefix) and possibly suffix. We handle this partly with if (name_len <= (prefix_len + suffix_len)) { return null }, ...

The code is not attempting to identify malformed names as such - the check you quote is a simple fast-exit - but simply ensuring all valid forms of the name are correctly handled. Anything else just results in "not found".

-------------

PR Comment: https://git.openjdk.org/jdk/pull/22404#issuecomment-2508826472
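The `strncat` semantics the thread turns on, as an added example that is not the JDK's `os::build_agent_function_name`: `build_name` and `remaining_space` are hypothetical helpers, and the prefix, suffix and library-name values are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper (not the JDK's code). Assembles
 * prefix + the first name_len bytes of libname + suffix into buf[buflen].
 * name_len is the length of the library-name fragment to copy (it may be
 * a prefix of a longer string, e.g. a name with its extension still
 * attached), which is exactly the role it plays as strncat's third argument.
 * Returns the length written, or (size_t)-1 if the result would not fit. */
size_t build_name(char *buf, size_t buflen, const char *prefix,
                  const char *libname, size_t name_len, const char *suffix)
{
    size_t prefix_len = strlen(prefix);
    size_t suffix_len = strlen(suffix);

    /* strncat's size bounds how much is read from the source, not how much
     * room is left in buf, so the destination must be checked up front. */
    if (prefix_len + name_len + suffix_len + 1 > buflen)
        return (size_t)-1;

    buf[0] = '\0';
    strncat(buf, prefix, prefix_len);
    strncat(buf, libname, name_len);   /* stops after name_len bytes of libname */
    strncat(buf, suffix, suffix_len);
    return prefix_len + name_len + suffix_len;
}

/* Bytes still available for appending to a NUL-terminated buf, excluding
 * the terminator: the value one would need if the size argument were a
 * destination bound (which, for strncat, it is not). */
size_t remaining_space(const char *buf, size_t buflen)
{
    size_t used = strlen(buf);
    return used + 1 >= buflen ? 0 : buflen - used - 1;
}
```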

