Mercurial > hg > release > icedtea6-1.10
view patches/security/20120214/7118283.patch @ 2555:4e7a700d4ecc
Add 2012/02/14 security patches.
2012-02-08 Omair Majid <omajid@redhat.com>
* NEWS: Update with security fixes.
* Makefile.am
(SECURITY_PATCHES): Add security patches.
(SPECIAL_SECURITY_PATCH): Add new variable.
(ICEDTEA_PATCHES): Add security patch that epends on backport.
* patches/security/20120214/7082299.patch,
* patches/security/20120214/7088367.patch,
* patches/security/20120214/7110683.patch,
* patches/security/20120214/7110687.patch,
* patches/security/20120214/7110700.patch,
* patches/security/20120214/7110704.patch,
* patches/security/20120214/7112642.patch,
* patches/security/20120214/7118283.patch,
* patches/security/20120214/7126960.patch: New security fixes.
| author | Andrew John Hughes <ahughes@redhat.com> |
|---|---|
| date | Thu, 09 Feb 2012 17:05:26 +0000 |
| parents | |
| children |
line wrap: on
line source
# HG changeset patch # User asaha # Date 1323826839 28800 # Node ID 71ca2b40fdc9fd542d565ccd9f2f14861556a417 # Parent ee0f12b18cb8d20c3fb61e96817bde6318a29221 7118283: Better input parameter checking in zip file processing Reviewed-by: sherman diff --git a/src/share/native/java/util/zip/zip_util.c b/src/share/native/java/util/zip/zip_util.c --- openjdk/jdk/src/share/native/java/util/zip/zip_util.c +++ openjdk/jdk/src/share/native/java/util/zip/zip_util.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1995, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -450,7 +450,7 @@ countCENHeaders(unsigned char *beg, unsi { jint count = 0; ptrdiff_t i; - for (i = 0; i + CENHDR < end - beg; i += CENSIZE(beg + i)) + for (i = 0; i + CENHDR <= end - beg; i += CENSIZE(beg + i)) count++; return count; }