Mercurial > hg > release > icedtea6-1.6
view patches/security/icedtea-6862968.patch @ 1723:d48a4f542e7d
Add new security patches and fix srcdir!=builddir issues.
2009-03-30 Andrew John Hughes <ahughes@redhat.com>
* patches/icedtea-systemtap.patch:
Moved to HotSpot-specific patch tree.
* Makefile.am: Add new security patches
and add $(HSBUILD) to systemtap patch.
Put copied OpenJDK files in openjdk-copy
rather than a duplicate rt directory
in the build tree.
* NEWS: List new security patches.
* patches/hotspot/default/systemtap.patch:
From patches/icedtea-systemtap.patch.
* patches/hotspot/original/icedtea-format.patch,
* patches/hotspot/original/systemtap.patch:
Added for original HotSpot build.
* patches/security/20100330/6626217.patch,
* patches/security/20100330/6633872.patch,
* patches/security/20100330/6639665.patch,
* patches/security/20100330/6736390.patch,
* patches/security/20100330/6745393.patch,
* patches/security/20100330/6887703.patch,
* patches/security/20100330/6888149.patch,
* patches/security/20100330/6892265.patch,
* patches/security/20100330/6893947.patch,
* patches/security/20100330/6893954.patch,
* patches/security/20100330/6898622.patch,
* patches/security/20100330/6898739.patch,
* patches/security/20100330/6899653.patch,
* patches/security/20100330/6902299.patch,
* patches/security/20100330/6904691.patch,
* patches/security/20100330/6909597.patch,
* patches/security/20100330/6910590.patch,
* patches/security/20100330/6914823.patch,
* patches/security/20100330/6914866.patch,
* patches/security/20100330/6932480.patch,
* patches/security/20100330/hotspot/default/6894807.patch,
* patches/security/20100330/hotspot/original/6894807.patch:
New security and hardening patches
http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
| author | Andrew John Hughes <ahughes@redhat.com> |
|---|---|
| date | Tue, 30 Mar 2010 23:04:54 +0100 |
| parents | 2c854193cc9d |
| children |
line wrap: on
line source
--- old/src/share/native/sun/awt/image/jpeg/imageioJPEG.c 2009-07-29 13:28:11.272200000 +0400 +++ openjdk/jdk/src/share/native/sun/awt/image/jpeg/imageioJPEG.c 2009-07-29 13:28:10.710600000 +0400 @@ -685,6 +685,10 @@ #ifdef DEBUG printf("in setQTables, qlen = %d, write is %d\n", qlen, write); #endif + if (qlen > NUM_QUANT_TBLS) { + /* Ignore extra qunterization tables. */ + qlen = NUM_QUANT_TBLS; + } for (i = 0; i < qlen; i++) { table = (*env)->GetObjectArrayElement(env, qtables, i); qdata = (*env)->GetObjectField(env, table, JPEGQTable_tableID); @@ -736,6 +740,11 @@ hlensBody = (*env)->GetShortArrayElements(env, huffLens, NULL); + if (hlensLen > 16) { + /* Ignore extra elements of bits array. Only 16 elements can be + stored. 0-th element is not used. (see jpeglib.h, line 107) */ + hlensLen = 16; + } for (i = 1; i <= hlensLen; i++) { huff_ptr->bits[i] = (UINT8)hlensBody[i-1]; } @@ -752,6 +761,11 @@ huffValues, NULL); + if (hvalsLen > 256) { + /* Ignore extra elements of hufval array. Only 256 elements + can be stored. (see jpeglib.h, line 109) */ + hlensLen = 256; + } for (i = 0; i < hvalsLen; i++) { huff_ptr->huffval[i] = (UINT8)hvalsBody[i]; } @@ -772,6 +786,11 @@ j_compress_ptr comp; j_decompress_ptr decomp; jsize hlen = (*env)->GetArrayLength(env, DCHuffmanTables); + + if (hlen > NUM_HUFF_TBLS) { + /* Ignore extra DC huffman tables. */ + hlen = NUM_HUFF_TBLS; + } for (i = 0; i < hlen; i++) { if (cinfo->is_decompressor) { decomp = (j_decompress_ptr) cinfo; @@ -793,6 +812,10 @@ huff_ptr->sent_table = !write; } hlen = (*env)->GetArrayLength(env, ACHuffmanTables); + if (hlen > NUM_HUFF_TBLS) { + /* Ignore extra AC huffman tables. */ + hlen = NUM_HUFF_TBLS; + } for (i = 0; i < hlen; i++) { if (cinfo->is_decompressor) { decomp = (j_decompress_ptr) cinfo;