Mercurial > hg > openjdk > jdk8u > jdk
changeset 14021:66699ff7f013 jdk8u262-b10 jdk8u262-ga jdk8u265-b00
8241522: Manifest improved jar headers redux
Reviewed-by: sspitsyn, jwilhelm, mschoene, rhalade, mbalao, andrew
author | amenkov |
---|---|
date | Wed, 15 Apr 2020 13:26:38 -0700 |
parents | b627f5d90c2f |
children | 833691f5d8b5 |
files | src/share/instrument/EncodingSupport.c src/share/instrument/InvocationAdapter.c |
diffstat | 2 files changed, 11 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/instrument/EncodingSupport.c Fri Apr 03 17:24:59 2020 +0800 +++ b/src/share/instrument/EncodingSupport.c Wed Apr 15 13:26:38 2020 -0700 @@ -38,7 +38,11 @@ int i; new_length = 0; - for ( i = 0 ; i < length ; i++ ) { + /* + * if length < 0 or new_length becomes < 0 => string is too big + * (handled as error after the cycle). + */ + for ( i = 0 ; i < length && new_length >= 0 ; i++ ) { unsigned byte; byte = (unsigned char)string[i];
--- a/src/share/instrument/InvocationAdapter.c Fri Apr 03 17:24:59 2020 +0800 +++ b/src/share/instrument/InvocationAdapter.c Wed Apr 15 13:26:38 2020 -0700 @@ -206,8 +206,10 @@ /* * According to JVMS class name is represented as CONSTANT_Utf8_info, * so its length is u2 (i.e. must be <= 0xFFFF). + * Negative oldLen or newLen means we got signed integer overflow + * (modifiedUtf8LengthOfUtf8 returns negative value if oldLen is negative). */ - if (newLen > 0xFFFF) { + if (oldLen < 0 || newLen < 0 || newLen > 0xFFFF) { fprintf(stderr, "-javaagent: Premain-Class value is too big\n"); free(jarfile); if (options != NULL) free(options); @@ -376,8 +378,10 @@ /* * According to JVMS class name is represented as CONSTANT_Utf8_info, * so its length is u2 (i.e. must be <= 0xFFFF). + * Negative oldLen or newLen means we got signed integer overflow + * (modifiedUtf8LengthOfUtf8 returns negative value if oldLen is negative). */ - if (newLen > 0xFFFF) { + if (oldLen < 0 || newLen < 0 || newLen > 0xFFFF) { fprintf(stderr, "Agent-Class value is too big\n"); free(jarfile); if (options != NULL) free(options);