view patches/security/20111018/7055902.patch @ 2161:7524f507af5c
Apply latest security patches.
2011-10-17 Andrew John Hughes <ahughes@redhat.com>
* Makefile.am: Add patches.
* NEWS: List security updates.
* patches/icedtea-rhino.patch: Change after 7046823 is applied.
* patches/icedtea-xjc.patch: Update against 7046794.
* patches/security/20111018/7000600.patch,
* patches/security/20111018/7019773.patch,
* patches/security/20111018/7023640.patch,
* patches/security/20111018/7032417.patch,
* patches/security/20111018/7046823.patch,
* patches/security/20111018/7055902.patch,
* patches/security/20111018/7057857.patch,
* patches/security/20111018/7064341.patch,
* patches/security/20111018/7083012.patch,
* patches/security/20111018/7096936.patch,
* patches/security/20111018/7046794.patch,
* patches/security/20111018/7077466.patch:
Add security patches.
author | Andrew John Hughes <ahughes@redhat.com> |
---|---|
date | Mon, 17 Oct 2011 15:40:23 +0100 |
# HG changeset patch
# User mbankal
# Date 1312898223 25200
# Node ID 23f471142a033a47b6b60506c2749f9caad0a4f8
# Parent 82557c6d8d453c417f699311bfc0c263fae6451a
7055902: Oracle Java IIOP Deserialization Type Confusion Remote Code Execution Vulnerability
Reviewed-by: coffeys
diff --git a/src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java b/src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java
--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java
+++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java
@@ -2239,6 +2239,10 @@ public class IIOPInputStream
 }
 try {
+ Class fieldCl = fields[i].getClazz();
+ if (objectValue != null && !fieldCl.isInstance(objectValue)) {
+ throw new IllegalArgumentException();
+ }
 bridge.putObject( o, fields[i].getFieldID(), objectValue ) ;
 // reflective code: fields[i].getField().set( o, objectValue ) ;
 } catch (IllegalArgumentException e) {
@@ -2549,6 +2553,10 @@ public class IIOPInputStream
 {
 try {
 Field fld = c.getDeclaredField( fieldName ) ;
+ Class fieldCl = fld.getType();
+ if(v != null && !fieldCl.isInstance(v)) {
+ throw new Exception();
+ }
 long key = bridge.objectFieldOffset( fld ) ;
 bridge.putObject( o, key, v ) ;
 } catch (Exception e) {
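Review bot: The guard added before `bridge.putObject` in the first hunk throws a bare `IllegalArgumentException()`, so the `catch (IllegalArgumentException e)` that closes the hunk (its body is outside the hunk) has nothing to report about which field rejected the value read from the stream; the guard in the second hunk has the same gap. I would name the field, `throw new IllegalArgumentException("Field type mismatch: " + fields[i].getName());`. The check also deserves a comment saying why it exists, for example `// type check the reflective Field.set below would have done; reject stream values that do not match the declared field type`, assuming `bridge.putObject` stores the reference unchecked, which is what the fix implies. The enclosing method starts and ends outside the hunk.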
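Review bot: In the second hunk the type mismatch is signalled with `throw new Exception();`, and the `catch (Exception e)` on the hunk's last line also receives every other failure in the try (for example `getDeclaredField` not finding the field), so a rejected value cannot be told apart from a lookup error in whatever the handler reports; the handler body is outside the hunk. Throwing the same type as the first hunk keeps the two guards consistent and is still caught here: `throw new IllegalArgumentException("Field type mismatch: " + fieldName);`. As a style point, `if(` lacks the space used in the first hunk's `if (`.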