# HG changeset patch
# User dcherepanov
# Date 1298638494 -10800
# Node ID 026adaac71f1c4aaf9c78feb894da4b1b27795c8
# Parent  ccb2fcfb6d6b654ba262644a7694744c2d91c4b0
7012520: Heap overflow vulnerability in FileDialog.show()
Reviewed-by: art, anthony

diff -r ccb2fcfb6d6b -r 026adaac71f1 src/windows/native/sun/windows/awt_FileDialog.cpp
--- a/src/windows/native/sun/windows/awt_FileDialog.cpp	Fri Feb 18 13:31:57 2011 +0000
+++ b/src/windows/native/sun/windows/awt_FileDialog.cpp	Fri Feb 25 15:54:54 2011 +0300
@@ -285,7 +285,7 @@
         file = (jstring)env->GetObjectField(target, AwtFileDialog::fileID);
         if (file != NULL) {
             LPCTSTR tmp = JNU_GetStringPlatformChars(env, file, NULL);
-            _tcscpy(fileBuffer, tmp);
+            _tcsncpy(fileBuffer, tmp, bufferLimit - 2); // the fileBuffer is double null terminated string
             JNU_ReleaseStringPlatformChars(env, file, tmp);
         } else {
             fileBuffer[0] = _T('\0');