stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8037398: integer overflow in jdk/src/share/bin/java.c

Browse Source 
Reviewed-by: ksrini
This commit is contained in:
Alexander Zuev 2014-05-20 23:17:01 +04:00
parent 878ab77469
commit 24c1439f36
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
jdk/src/share/bin/java.c
View File

@ -739,6 +739,9 @@ SetClassPath(const char *s)
if (s == NULL)
return;
s = JLI_WildcardExpandClasspath(s);
if (sizeof(format) - 2 + JLI_StrLen(s) < JLI_StrLen(s))
// s is became corrupted after expanding wildcards
return;
def = JLI_MemAlloc(sizeof(format)
- 2 /* strlen("%s") */
+ JLI_StrLen(s));
@ -1358,9 +1361,11 @@ AddApplicationOptions(int cpathc, const char **cpathv)
if (s) {
s = (char *) JLI_WildcardExpandClasspath(s);
/* 40 for -Denv.class.path= */
envcp = (char *)JLI_MemAlloc(JLI_StrLen(s) + 40);
sprintf(envcp, "-Denv.class.path=%s", s);
AddOption(envcp, NULL);
if (JLI_StrLen(s) + 40 > JLI_StrLen(s)) { // Safeguard from overflow
envcp = (char *)JLI_MemAlloc(JLI_StrLen(s) + 40);
sprintf(envcp, "-Denv.class.path=%s", s);
AddOption(envcp, NULL);
}
}
}