RFR: 8229378: jdwp library loader in linker_md.c quietly truncates on buffer overflow
Daniel D. Daugherty
daniel.daugherty at oracle.com
Tue Aug 13 15:48:31 UTC 2019
I don't see any information about how this change was tested...
Is there something on another email thread?
Dan
On 8/13/19 11:41 AM, Adam Farley8 wrote:
> Hi Chris,
>
> Thanks!
>
> I understand we need a second reviewer/sponsor to get this change in.
> Any volunteers?
>
> Best Regards
>
> Adam Farley
> IBM Runtimes
>
>
> Chris Plummer <chris.plummer at oracle.com> wrote on 12/08/2019 21:35:06:
>
> > From: Chris Plummer <chris.plummer at oracle.com>
> > To: Adam Farley8 <adam.farley at uk.ibm.com>, serviceability-dev at openjdk.java.net
> > Date: 12/08/2019 21:35
> > Subject: Re: RFR: 8229378: jdwp library loader in linker_md.c
> > quietly truncates on buffer overflow
> >
> > Hi Adam,
> >
> > It looks good to me.
> >
> > thanks,
> >
> > Chris
> >
> > On 8/12/19 7:34 AM, Adam Farley8 wrote:
> > Hi All,
> >
> > This is a known bug, mentioned in a code comment.
> >
> > Here is the fix for that bug.
> >
> > Reviewers and sponsors requested.
> >
> > Short version: if you set sun.boot.library.path to
> > something beyond a system's max path length, the
> > current code will return an empty string (rather than
> > printing a useful error message and shutting down).
> >
> > This is also a problem if you've specified multiple
> > paths with a separator, as this code seems to wrongly
> > assess whether the *total* length exceeds max path
> > length. So two 200 char paths on windows will cause
> > failure, as the total length is 400 (which is beyond
> > max length for windows).
> >
> > Note that the os.cpp bit of the webrev will not be included
> > in the final webrev, it just makes this change trivially
> > testable.
> >
> > Bug: https://bugs.openjdk.java.net/browse/JDK-8229378
> > Webrev: http://cr.openjdk.java.net/~afarley/8229378/webrev/
> >
> >
> > Best Regards
> >
> > Adam Farley
> > IBM Runtimes
> >
> > Unless stated otherwise above:
> > IBM United Kingdom Limited - Registered in England and Wales with
> > number 741598.
> > Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire
> PO6 3AU
> Unless stated otherwise above:
> IBM United Kingdom Limited - Registered in England and Wales with
> number 741598.
> Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.java.net/pipermail/serviceability-dev/attachments/20190813/3f93b782/attachment-0001.html>
More information about the serviceability-dev
mailing list