| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8135593 | emb-9 | Dmitry Dmitriev | P2 | Resolved | Fixed | team |
Running following command(in cygwin, abort6_options.txt is attached) cause JDK 9-b64 to exit with bad code(127) on Windows platforms:
./java.exe `cat abort6_options.txt` -version
Also, this command print nothing. Similar problem occur on MaxOS.
On the other hand, when Java runs with -XX:+IgnoreUnrecognizedVMOptions added, then it successfully exit:
java.exe `cat ~/abort6_options.txt` -XX:+IgnoreUnrecognizedVMOptions -version
java version "1.9.0-ea-fastdebug"
Java(TM) SE Runtime Environment (build 1.9.0-ea-fastdebug-b64)
Java HotSpot(TM) 64-Bit Server VM (build 1.9.0-ea-b64, mixed mode)
Fix forJDK-8073989 add strip of the unrecognized VM option in Arguments::process_argument before passing to the is_newly_obsolete function:
// Construct a string which consists only of the argument name without '+', '-', or '='.
char stripped_argname[256];
strncpy(stripped_argname, argname, arg_len);
stripped_argname[arg_len] = '\0'; //strncpy doesn't null terminate.
arg_len in this case equal to the length of the option name. Thus, if we pass option with very long name(longer than 256), then buffer overrun can occur when copy argname to the stripped_argname in strncpy function since stripped_argname is 256 bytes long.
./java.exe `cat abort6_options.txt` -version
Also, this command print nothing. Similar problem occur on MaxOS.
On the other hand, when Java runs with -XX:+IgnoreUnrecognizedVMOptions added, then it successfully exit:
java.exe `cat ~/abort6_options.txt` -XX:+IgnoreUnrecognizedVMOptions -version
java version "1.9.0-ea-fastdebug"
Java(TM) SE Runtime Environment (build 1.9.0-ea-fastdebug-b64)
Java HotSpot(TM) 64-Bit Server VM (build 1.9.0-ea-b64, mixed mode)
Fix for
// Construct a string which consists only of the argument name without '+', '-', or '='.
char stripped_argname[256];
strncpy(stripped_argname, argname, arg_len);
stripped_argname[arg_len] = '\0'; //strncpy doesn't null terminate.
arg_len in this case equal to the length of the option name. Thus, if we pass option with very long name(longer than 256), then buffer overrun can occur when copy argname to the stripped_argname in strncpy function since stripped_argname is 256 bytes long.
- backported by
-
JDK-8135593 Buffer overrun when passing long not existing option in JDK 9
-
- Resolved
-
- relates to
-
JDK-8073989 Deprecated integer options are considered as invalid instead of deprecated in Java 9
-
- Resolved
-