Code Review Request: 8013140: Heap corruption with NetworkInterface.getByInetAddress() and long i/f name
Kurchi Hazra
kurchi.subhra.hazra at oracle.com
Thu May 2 15:11:23 PDT 2013
Thank you, committed now.
- Kurchi
On 5/2/2013 3:50 AM, Alan Bateman wrote:
> On 02/05/2013 01:03, Kurchi Subhra Hazra wrote:
>>
>> Hi,
>>
>> NetworkInterface.getByInetAddress() was crashing on solaris when
>> the system had a network
>> interface name longer than 15 characters, due to two instances in the
>> native
>> code for NetworkInterface where we were copying a char array of size
>> 32 (LIFNAMSIZ)
>> into a char array of size 16 (IFNAMSIZ), resulting in a buffer
>> overflow with long names.
>> The fix is to make sure that the space allocated for the interface
>> name is consistent (16/32
>> bytes depending on the system), and to prevent overflows by using
>> strncpy instead of strcpy.
>>
>> Bug: http://bugs.sun.com/view_bug.do?bug_id=8013140
>> Webrev: http://cr.openjdk.java.net/~khazra/8013140/webrev.00/
>>
>>
>> Thanks,
>> - Kurchi
> A good fine, looks okay to me. An alternative would be sizeof(name)
> but what you have is fine.
>
> -Alan
>
--
-Kurchi
More information about the net-dev
mailing list