Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8302594

use-after-free in Node::destruct

    XMLWordPrintable

Details

    • b11

    Backports

      Description

        See the conversion in https://mail.openjdk.org/pipermail/hotspot-compiler-dev/2023-February/062495.html and its related links.

        There is a use-after-free bug in Node::destruct. The storage for Node is passed to `Afree` and then subsequently referenced. Currently none of the methods called happen to allocate, which is good, however this is not guaranteed and could change in the future. The call to `Afree` should be moved to the bottom of the method after calling of other methods.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8305129 use-after-free in Node::destruct

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8305547 use-after-free in Node::destruct

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8306830 use-after-free in Node::destruct

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8307026 use-after-free in Node::destruct

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8298984 Suspicious logic in C2

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Open

            Bug - A problem which impairs or prevents the functions of the product. JDK-8270028 applications/ctw/modules/java_xml.java failed with SIGSEGV in medium_free_list_remove_ptr_no_clear

            • P3 - Major loss of function.
            • Closed
            links to

            Commit Commit openjdk/jdk17u-dev/24e91c1e

            Commit Commit openjdk/jdk20u/fcd422da

            Commit Commit openjdk/jdk/2e3cea01

            Review Review openjdk/jdk17u-dev/1286

            Review Review openjdk/jdk20u/28

            Review Review openjdk/jdk/12577

            Activity

              People

                jcking Justin King
                jcking Justin King
                Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: