Mercurial > hg > openjdk > jdk8u > hotspot
changeset 9315:002b9c947f0f
8244225: stringop-overflow warning on strncpy call from compile_the_world_in
Reviewed-by: aph, shade, andrew
author | goetz |
---|---|
date | Wed, 10 Jun 2020 11:33:17 +0200 |
parents | 007d682bf5d0 |
children | 321a84a5e5b8 |
files | src/share/vm/classfile/classLoader.cpp |
diffstat | 1 files changed, 4 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/vm/classfile/classLoader.cpp Wed Nov 12 13:55:59 2014 +0100 +++ b/src/share/vm/classfile/classLoader.cpp Wed Jun 10 11:33:17 2020 +0200 @@ -1635,12 +1635,13 @@ } void ClassLoader::compile_the_world_in(char* name, Handle loader, TRAPS) { - int len = (int)strlen(name); + size_t len = strlen(name); if (len > 6 && strcmp(".class", name + len - 6) == 0) { // We have a .class file char buffer[2048]; - strncpy(buffer, name, len - 6); - buffer[len-6] = 0; + if (len-6 >= sizeof(buffer)) return; + strncpy(buffer, name, sizeof(buffer)); + buffer[len-6] = 0; // Truncate ".class" suffix. // If the file has a period after removing .class, it's not really a // valid class file. The class loader will check everything else. if (strchr(buffer, '.') == NULL) {