[8u] RFR: 8244225: stringop-overflow warning on strncpy call from compile_the_world_in

Andrew Hughes gnu.andrew at redhat.com
Thu Oct 8 16:03:48 UTC 2020


On 14:23 Tue 01 Sep     , Severin Gehwolf wrote:
> Hi,
> 
> Could I please get a review of this 8u backport? The JDK 11u patch
> doesn't apply cleanly since string_ends_with() function isn't in 8u.
> Therefore, the context is different enough for the patch to not apply
> cleanly. This is in a NOT_PRODUCT() path of the VM and should be low
> risk. I'm proposing this for review for JDK 8u parity.
> 
> Bug: https://bugs.openjdk.java.net/browse/JDK-8244225
> webrev: https://cr.openjdk.java.net/~sgehwolf/webrevs/JDK-8244225/01/webrev/
> 
> Testing: Manual on a fastdebug build of the JVM. Compiling classLoader.o
>          with -Wstringop-overflow. Warning present before the fix and it's
>          gone after.
> 
> Thoughts? I'm not sure if this is worth the churn of doing the
> backport, though.
> 
> Thanks,
> Severin
> 

This looks fine to me. I think it's worth fixing what looks like a potential
buffer overflow, even if it is only in debug code.

Thanks,
-- 
Andrew :)

Senior Free Java Software Engineer
OpenJDK Package Owner
Red Hat, Inc. (http://www.redhat.com)

PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222


More information about the jdk8u-dev mailing list