1.1 --- a/src/share/classes/com/sun/corba/se/impl/ior/StubIORImpl.java Tue Feb 13 12:14:04 2018 -0800
1.2 +++ b/src/share/classes/com/sun/corba/se/impl/ior/StubIORImpl.java Wed Feb 07 00:10:57 2018 -0800
1.3 @@ -1,5 +1,5 @@
1.4 /*
1.5 - * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
1.6 + * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
1.7 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
1.8 *
1.9 * This code is free software; you can redistribute it and/or modify it
1.10 @@ -34,7 +34,6 @@
1.11 import java.io.ObjectInputStream ;
1.12 import java.io.ObjectOutputStream ;
1.13 import java.io.IOException ;
1.14 -import java.io.StringWriter ;
1.15
1.16 import org.omg.CORBA.ORB ;
1.17
1.18 @@ -47,6 +46,7 @@
1.19 // other vendor's ORBs.
1.20 import com.sun.corba.se.spi.presentation.rmi.StubAdapter ;
1.21 import com.sun.corba.se.impl.orbutil.HexOutputStream ;
1.22 +import sun.corba.SharedSecrets;
1.23
1.24 /**
1.25 * This class implements a very simply IOR representation
1.26 @@ -125,14 +125,20 @@
1.27 {
1.28 // read the IOR from the ObjectInputStream
1.29 int typeLength = stream.readInt();
1.30 + SharedSecrets.getJavaOISAccess().checkArray(stream, byte[].class, typeLength);
1.31 typeData = new byte[typeLength];
1.32 stream.readFully(typeData);
1.33 +
1.34 int numProfiles = stream.readInt();
1.35 + SharedSecrets.getJavaOISAccess().checkArray(stream, int[].class, numProfiles);
1.36 + SharedSecrets.getJavaOISAccess().checkArray(stream, byte[].class, numProfiles);
1.37 profileTags = new int[numProfiles];
1.38 profileData = new byte[numProfiles][];
1.39 for (int i = 0; i < numProfiles; i++) {
1.40 profileTags[i] = stream.readInt();
1.41 - profileData[i] = new byte[stream.readInt()];
1.42 + int dataSize = stream.readInt();
1.43 + SharedSecrets.getJavaOISAccess().checkArray(stream, byte[].class, dataSize);
1.44 + profileData[i] = new byte[dataSize];
1.45 stream.readFully(profileData[i]);
1.46 }
1.47 }
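Review bot: In the last hunk the second `numProfiles` check passes `byte[].class`, but the array allocated two lines later is `new byte[numProfiles][]`, so the type reported to the filter does not match the allocation; `SharedSecrets.getJavaOISAccess().checkArray(stream, byte[][].class, numProfiles);` would describe it accurately. This probably makes no difference to a pure length limit, but a custom filter that inspects the array class would see the wrong type. The four checks also carry no comment, and one above the first, such as `// lengths are read from the stream; validate them against the deserialization filter before allocating`, would tell maintainers why each call must stay ahead of its `new`. As far as I can tell the checks only bound allocation when a serialization filter with an array-length limit is configured on the stream or JVM, so that dependency is worth stating in the same comment. The enclosing method begins outside the hunk.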