Minor com.sun.jndi.dns cleanup

Florian Weimer fweimer at redhat.com
Mon Feb 17 16:22:36 UTC 2014


On 02/17/2014 04:43 PM, Florian Weimer wrote:
> This patch removes an unnecessary allocation from DnsClient and adds
> explicit detection for DNS label compression loops in ResourceRecord.
> Previously, the code relied on a StackOverflowError for exiting the
> parsing loop.

Mailman ate the attachment, so I put it up here:

   <http://fweimer.fedorapeople.org/openjdk/jndi-dns-loop/>

Note that other implementations fixed this as CVE-2000-0333 a long time 
ago, but due to the lack of tail call optimization and reliable stack 
overflow detection, this is currently not a security vulnerability in 
OpenJDK (not even an endless loop).

-- 
Florian Weimer / Red Hat Product Security Team



More information about the core-libs-dev mailing list