Code Review Request: 8013140: Heap corruption with NetworkInterface.getByInetAddress() and long i/f name
Kurchi Subhra Hazra
kurchi.subhra.hazra at oracle.com
Wed May 1 17:03:39 PDT 2013
Hi,
NetworkInterface.getByInetAddress() was crashing on solaris when the system had a network
interface name longer than 15 characters, due to two instances in the native
code for NetworkInterface where we were copying a char array of size 32 (LIFNAMSIZ)
into a char array of size 16 (IFNAMSIZ), resulting in a buffer overflow with long names.
The fix is to make sure that the space allocated for the interface name is consistent (16/32
bytes depending on the system), and to prevent overflows by using strncpy instead of strcpy.
Bug: http://bugs.sun.com/view_bug.do?bug_id=8013140
Webrev: http://cr.openjdk.java.net/~khazra/8013140/webrev.00/
Thanks,
- Kurchi
More information about the net-dev
mailing list