Mercurial > hg > release > icedtea7-forest-2.6 > jdk

changeset 5010:e3790f3ce50a jdk7u3-b02

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
7118283: Better input parameter checking in zip file processing Summary: Fixed off-by-one bug in zip_util.c Reviewed-by: asaha
author sherman
date Mon, 05 Dec 2011 21:01:03 -0800
parents f6c918c35c00
children 077eec16bb82
files src/share/native/java/util/zip/zip_util.c test/java/util/zip/ZipFile/VmCrash.java test/java/util/zip/ZipFile/vmcrash.zip
diffstat 3 files changed, 48 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/native/java/util/zip/zip_util.c	Fri Dec 02 10:44:11 2011 +0400
+++ b/src/share/native/java/util/zip/zip_util.c	Mon Dec 05 21:01:03 2011 -0800
@@ -521,7 +521,7 @@
 {
     jint count = 0;
     ptrdiff_t i;
-    for (i = 0; i + CENHDR < end - beg; i += CENSIZE(beg + i))
+    for (i = 0; i + CENHDR <= end - beg; i += CENSIZE(beg + i))
         count++;
     return count;
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/util/zip/ZipFile/VmCrash.java	Mon Dec 05 21:01:03 2011 -0800
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/* @test
+   @bug 7118283
+   @summary Test if a corrupted zip file crashes VM
+   */
+
+import java.util.zip.*;
+import java.io.*;
+import java.util.*;
+
+public class VmCrash {
+    public static void main(String[] argv) throws Exception {
+        try {
+            ZipFile zf = new ZipFile(new File(System.getProperty("test.src","."),
+                                              "vmcrash.zip"));
+            for (Enumeration e = zf.entries(); e.hasMoreElements();) {
+                System.out.println(e.nextElement());
+            }
+            throw new RuntimeException("Corrupted zip read without exception");
+        } catch (ZipException ex) {
+            System.out.println("expected ZipException:");
+            //ex.printStackTrace();
+        }
+    }
+}
Binary file test/java/util/zip/ZipFile/vmcrash.zip has changed