Webrevs for 2014/04/15 Security Fixes

Wed Apr 16 13:56:50 UTC 2014

* Alex Bligh <alex at alex.org.uk> [2014-04-16 02:31]:
> On 15 Apr 2014, at 23:16, Andrew Hughes wrote:
> >  - S8035893: JVM_GetVersionInfo fails to zero structure
> 
> This appears to include the change to jvm.cpp but not jdk_util.cpp.
> 
> IE the first hunk is in of the below, but not the second.

Are you sure? Looks like both are in, to me.

> --- openjdk/hotspot/src/share/vm/prims/jvm.cpp~
> +++ openjdk/hotspot/src/share/vm/prims/jvm.cpp
> @@ -4534,7 +4534,7 @@ JVM_END
> 
> JVM_ENTRY(void, JVM_GetVersionInfo(JNIEnv* env, jvm_version_info* info, size_t info_size))
> {
> -  memset(info, 0, sizeof(info_size));
> +  memset(info, 0, info_size);
> 
>  info->jvm_version = Abstract_VM_Version::jvm_version();
>  info->update_version = 0;          /* 0 in HotSpot Express VM */

This is http://hg.openjdk.java.net/jdk6/jdk6/hotspot/rev/3372bc2d29f0

> --- openjdk/jdk/src/share/native/common/jdk_util.c~
> +++ openjdk/jdk/src/share/native/common/jdk_util.c
> @@ -76,7 +76,7 @@ JDK_GetVersionInfo0(jdk_version_info* info, size_t info_size) {
>    }
> 
> 
> -    memset(info, 0, sizeof(info_size));
> +    memset(info, 0, info_size);
>    info->jdk_version = ((jdk_major_version & 0xFF) << 24) |
>                        ((jdk_minor_version & 0xFF) << 16) |
>                        ((jdk_micro_version & 0xFF) << 8)  |
> 

And this is http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/04e4c3ec6516

Thanks,
Omair

-- 
PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681