RFR: 8229378: jdwp library loader in linker_md.c quietly truncates on buffer overflow

Adam Farley8 adam.farley at uk.ibm.com
Tue Aug 13 16:28:23 UTC 2019


Hi Serguei, Daniel,

My testing was limited to the bug specific test case I mentioned, and the 
following jdwp tests:

test/jdk/com/sun/jdi/Jdwp*
test/hotspot/jtreg/serviceability/jdwp

Best Regards

Adam Farley 
IBM Runtimes


"serguei.spitsyn at oracle.com" <serguei.spitsyn at oracle.com> wrote on 
13/08/2019 17:04:43:

> From: "serguei.spitsyn at oracle.com" <serguei.spitsyn at oracle.com>
> To: daniel.daugherty at oracle.com, Adam Farley8 
> <adam.farley at uk.ibm.com>, Chris Plummer <chris.plummer at oracle.com>
> Cc: serviceability-dev at openjdk.java.net
> Date: 13/08/2019 17:08
> Subject: Re: RFR: 8229378: jdwp library loader in linker_md.c 
> quietly truncates on buffer overflow
> 
> Hi Adam,
> 
> I'm looking at your fix.
> Also interested about your testing.
> 
> Thanks,
> Serguei
> 
> On 8/13/19 08:48, Daniel D. Daugherty wrote:
> I don't see any information about how this change was tested...
> Is there something on another email thread?
> 
> Dan
> 

> On 8/13/19 11:41 AM, Adam Farley8 wrote:
> Hi Chris, 
> 
> Thanks! 
> 
> I understand we need a second reviewer/sponsor to get this change 
> in. Any volunteers?
> 
> Best Regards
> 
> Adam Farley 
> IBM Runtimes
> 
> 
> Chris Plummer <chris.plummer at oracle.com> wrote on 12/08/2019 21:35:06:
> 
> > From: Chris Plummer <chris.plummer at oracle.com> 
> > To: Adam Farley8 <adam.farley at uk.ibm.com>, serviceability-dev at openjdk.java.net
> > Date: 12/08/2019 21:35 
> > Subject: Re: RFR: 8229378: jdwp library loader in linker_md.c 
> > quietly truncates on buffer overflow 
> > 
> > Hi Adam,
> > 
> > It looks good to me.
> > 
> > thanks,
> > 
> > Chris
> > 
> > On 8/12/19 7:34 AM, Adam Farley8 wrote: 
> > Hi All, 
> > 
> > This is a known bug, mentioned in a code comment. 
> > 
> > Here is the fix for that bug. 
> > 
> > Reviewers and sponsors requested. 
> > 
> > Short version: if you set sun.boot.library.path to 
> > something beyond a system's max path length, the 
> > current code will return an empty string (rather than 
> > printing a useful error message and shutting down). 
> > 
> > This is also a problem if you've specified multiple 
> > paths with a separator, as this code seems to wrongly 
> > assess whether the *total* length exceeds max path 
> > length. So two 200 char paths on windows will cause 
> > failure, as the total length is 400 (which is beyond 
> > max length for windows). 
> > 
> > Note that the os.cpp bit of the webrev will not be included 
> > in the final webrev, it just makes this change trivially 
> > testable. 
> > 
> > Bug: https://bugs.openjdk.java.net/browse/JDK-8229378 
> > Webrev: http://cr.openjdk.java.net/~afarley/8229378/webrev/ 
> > 
> > 
> > Best Regards
> > 
> > Adam Farley 
> > IBM Runtimes
> > 
> > Unless stated otherwise above:
> > IBM United Kingdom Limited - Registered in England and Wales with 
> > number 741598. 
> > Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
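
The failure mode described in the original report above, as an added C example (not code from the webrev or from linker_md.c): a length test on the whole separator-joined search path next to a per-entry test that reports failure to the caller. The function names, the 260-byte limit, the ';' separator and the jdwp.dll file name are assumptions made for the demo, and the file-existence check a real loader performs is left out.

```c
#include <stdio.h>
#include <string.h>

#define DEMO_MAX_PATH 260  /* assumed limit for this demo (Windows MAX_PATH) */

/* Per-entry check: each candidate "<entry>\<lib>" is measured on its own,
 * and failure is reported to the caller instead of returning "". */
static int build_per_entry(char *out, size_t outlen, const char *search_path,
                           const char *seps, const char *lib) {
    out[0] = '\0';
    for (const char *p = search_path; *p != '\0'; ) {
        size_t len = strcspn(p, seps);          /* length of this entry */
        /* entry + separator char + lib + NUL must fit in the output buffer */
        if (len > 0 && len + 1 + strlen(lib) + 1 <= outlen) {
            snprintf(out, outlen, "%.*s\\%s", (int)len, p, lib);
            return 0;  /* a real loader would also check the file exists */
        }
        p += len;
        if (*p != '\0') p++;                    /* skip the separator */
    }
    fprintf(stderr, "error: no library path entry fits in %zu bytes\n", outlen);
    return -1;
}

/* Flawed pattern as described in the report: the test covers the whole
 * joined list, and an oversized list yields "" with no diagnostic. */
static int build_total_check(char *out, size_t outlen, const char *search_path,
                             const char *seps, const char *lib) {
    out[0] = '\0';
    if (strlen(search_path) + strlen(lib) + 2 > outlen)
        return 0;                               /* quiet: "" looks like success */
    return build_per_entry(out, outlen, search_path, seps, lib);
}

int main(void) {
    char list[512], out[DEMO_MAX_PATH];
    /* Constructed input: two 200-character entries joined by ';'. */
    memset(list, 'a', 200); list[200] = ';';
    memset(list + 201, 'b', 200); list[401] = '\0';

    build_total_check(out, sizeof out, list, ";", "jdwp.dll");
    printf("total-length check: %zu chars returned\n", strlen(out));
    int rc = build_per_entry(out, sizeof out, list, ";", "jdwp.dll");
    printf("per-entry check:    rc=%d, %zu chars returned\n", rc, strlen(out));
    return 0;
}
```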
