Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: P4
Fix Version/s: 24
Affects Version/s: 7, 8, 11, 17, 21, 23
Component/s: core-libs
Labels:

Subcomponent:
java.text
Resolved In Build:
b22
CPU:

generic
OS:

generic

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8354139	21.0.9-oracle	Johny Jose	P4	Resolved	Fixed	b03
JDK-8362639	21.0.9	Goetz Lindenmaier	P4	Resolved	Fixed	b01
JDK-8354140	17.0.17-oracle	Johny Jose	P4	Resolved	Fixed	b02
JDK-8362647	17.0.17	Goetz Lindenmaier	P4	Resolved	Fixed	b01

During the de-serialization of MessageFormat, an offset greater than the pattern length should not be allowed. Using said format can later throw a SIOOBE down the line. It seems that the existing check in readObject is off by 1.

backported by

JDK-8354139 Improve MessageFormat readObject checks

Resolved

JDK-8354140 Improve MessageFormat readObject checks

Resolved

JDK-8362639 Improve MessageFormat readObject checks

Resolved

JDK-8362647 Improve MessageFormat readObject checks

Resolved

links to

Commit(master) openjdk/jdk17u-dev/bc868071

Commit(master) openjdk/jdk21u-dev/ab291f5f

Commit(master) openjdk/jdk/7af46a6b

Review(master) openjdk/jdk17u-dev/3767

Review(master) openjdk/jdk21u-dev/1987

Review(master) openjdk/jdk/21570

(5 links to)

Assignee:: Justin Lu

Reporter:: Justin Lu

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2024-09-20 10:20

Updated:: 2025-07-31 21:27

Resolved:: 2024-10-24 09:21

Details

Backports

Description

Attachments

Issue Links

Activity

People

Dates