Tue, 20 Sep 2016 05:40:51 -0700
8157548: JVM crashes sometimes while starting
Summary: Behavior of strncmp may be unexpected if char buffers[s] is[are] not null terminated and buffer size is smaller than the length n. Added check to avoid this scenario.
Reviewed-by: dholmes, iklam
src/share/vm/classfile/systemDictionary.cpp
1.1 --- a/src/share/vm/classfile/systemDictionary.cpp Mon Oct 17 10:02:06 2016 -0700 1.2 +++ b/src/share/vm/classfile/systemDictionary.cpp Tue Sep 20 05:40:51 2016 -0700 1.3 @@ -1084,15 +1084,18 @@ 1.4 THREAD); 1.5 1.6 const char* pkg = "java/"; 1.7 + size_t pkglen = strlen(pkg); 1.8 if (!HAS_PENDING_EXCEPTION && 1.9 !class_loader.is_null() && 1.10 parsed_name != NULL && 1.11 - !strncmp((const char*)parsed_name->bytes(), pkg, strlen(pkg))) { 1.12 + parsed_name->utf8_length() >= (int)pkglen && 1.13 + !strncmp((const char*)parsed_name->bytes(), pkg, pkglen)) { 1.14 // It is illegal to define classes in the "java." package from 1.15 // JVM_DefineClass or jni_DefineClass unless you're the bootclassloader 1.16 ResourceMark rm(THREAD); 1.17 char* name = parsed_name->as_C_string(); 1.18 char* index = strrchr(name, '/'); 1.19 + assert(index != NULL, "must be"); 1.20 *index = '\0'; // chop to just the package name 1.21 while ((index = strchr(name, '/')) != NULL) { 1.22 *index = '.'; // replace '/' with '.' in package name
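Review bot: The new length guard in the `if` condition, `parsed_name->utf8_length() >= (int)pkglen`, carries no comment saying why it is needed. The reason is only in the commit summary (the buffer behind `bytes()` may not be null terminated, so `strncmp` with n = 5 can read past a name shorter than "java/"), and a one-line comment above the check would keep a later cleanup from dropping it as redundant. The `(int)` cast narrows a `size_t`; that is harmless for a five-character literal, but declaring `pkglen` as `int` would avoid the cast. The added `assert(index != NULL, "must be")` is backed by the "java/" prefix match that precedes it, so its message could state that invariant (for example "name matching java/ prefix must contain '/'") rather than "must be".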