JDK-8170981

Possible access to char array with negative index

    • Bug
    • Resolution: Fixed
    • P3
    • 9
    • 9
    • hotspot
    • None
    • b156

Since 8048093, share/vm/globals.cpp:Flag::print_on(...) imposes a length limit of 50 characters on flag names. Flag names with up to 40 characters are assumed "well-formed". The columnar layout of the PrintFlags* output is designed around that assumption.

To prevent longer flag names from shifting all remaining columns to the right, the flag value column got some elasticity. For well-formed flag names, a char[11] array of 10 spaces and a terminating '\0' character is printed after the flag value. For flag names with more than 40 characters, the number of spaces is reduced accordingly. This is achieved by replacing the space at index (50-MAX2(40,nameLen)) with a '\0' character. Unfortunately, this code is only protected by an assert(nameLen < 50, "too long").

When someone invents a flag name with more than 50 characters, you are at risk. To find this bug during testing, you have to use a vm build with ASSERT defined (a non-PRODUCT build), and you have to run this vm with -XX:+PrintFlagsFinal or with -XX:+PrintFlagsInitial.

              lucy Lutz Schmidt
              goetz Goetz Lindenmaier
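
The index arithmetic described in the issue, worked through as an added example. This is not HotSpot code and not the fix that was committed for this issue; the function names are hypothetical and the clamping shown is an assumed hardening. It shows that 50-MAX2(40,nameLen) leaves the char[11] buffer once nameLen exceeds 50, and that clamping the length keeps the write in bounds in every build type.

```cpp
#include <algorithm>
#include <cstdio>
#include <cstring>
#include <string>

// Constants from the issue text; all function names here are hypothetical.
constexpr int kWellFormed = 40;                     // names up to 40 chars get full padding
constexpr int kMaxName    = 50;                     // limit checked only by the assert
constexpr int kPad        = kMaxName - kWellFormed; // 10 spaces, buffer is char[kPad + 1]

// Index as described in the issue: 50 - MAX2(40, nameLen), with no range check.
int unchecked_terminator_index(int name_len) {
  return kMaxName - std::max(kWellFormed, name_len);
}

// Valid positions in the char[11] buffer are 0..10.
bool index_in_bounds(int idx) { return idx >= 0 && idx <= kPad; }

// Assumed hardening: clamp the length into [40, 50] before computing the index,
// so the write always lands inside the buffer, with or without ASSERT.
std::string value_padding(int name_len) {
  char spaces[kPad + 1];
  std::memset(spaces, ' ', kPad);
  spaces[kPad] = '\0';
  int clamped = std::min(std::max(name_len, kWellFormed), kMaxName);
  spaces[kMaxName - clamped] = '\0';  // index is always in 0..10
  return std::string(spaces);
}

int main() {
  const int lens[] = {10, 40, 45, 50, 51, 64};  // constructed sample name lengths
  for (int len : lens) {
    int idx = unchecked_terminator_index(len);
    std::printf("nameLen=%2d unchecked index=%3d %s clamped padding=%zu\n", len, idx,
                index_in_bounds(idx) ? "ok " : "OOB", value_padding(len).size());
  }
  return 0;
}
```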