[8u] RFR (S) 8165936: Potential Heap buffer overflow when seaching timezone info files
Aleksey Shipilev
shade at redhat.com
Mon Mar 30 10:33:24 UTC 2020
Original bug:
https://bugs.openjdk.java.net/browse/JDK-8165936
https://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/8ec0559cbd7e
Unfortunately, the patch does apply directly to 8u:
- TimeZone_md.c for unixes is actually in "solaris" folder
- ...and then the context is different enough for fuzz to fail
8u webrev:
https://cr.openjdk.java.net/~shade/8165936/webrev.8u.01/
Testing: tier1
--
Thanks,
-Aleksey
More information about the jdk8u-dev
mailing list