[jdk17u-dev] RFR: 8299677: Formatter.format might take a long time to format an integer or floating-point
Paul Hohensee
phh at openjdk.org
Tue Jan 17 17:18:30 UTC 2023
Simple almost clean backport of a potential DOS attack vector fix. Changed
Flags.contains(f, Flags.ZERO_PAD)
to
f.contains(Flags.ZERO_PAD)
Passes new and old Formatter tests.
-------------
Commit messages:
- Backport 33412c102ce799ff2de3512df77e6e07d76acd36
Changes: https://git.openjdk.org/jdk17u-dev/pull/1077/files
Webrev: https://webrevs.openjdk.org/?repo=jdk17u-dev&pr=1077&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8299677
Stats: 318 lines in 2 files changed: 313 ins; 1 del; 4 mod
Patch: https://git.openjdk.org/jdk17u-dev/pull/1077.diff
Fetch: git fetch https://git.openjdk.org/jdk17u-dev pull/1077/head:pull/1077
PR: https://git.openjdk.org/jdk17u-dev/pull/1077
More information about the jdk-updates-dev
mailing list