Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8129786

Buffer overrun when passing long not existing option in JDK 9

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P2
    • Resolution: Fixed
    • Affects Version/s: 9
    • Fix Version/s: 9
    • Component/s: hotspot
    • Labels:
    • Subcomponent:
    • Introduced In Build:
      b64
    • Resolved In Build:
      b74
    • Verification:
      Verified

      Backports

        Description

        Running following command(in cygwin, abort6_options.txt is attached) cause JDK 9-b64 to exit with bad code(127) on Windows platforms:
        ./java.exe `cat abort6_options.txt` -version

        Also, this command print nothing. Similar problem occur on MaxOS.

        On the other hand, when Java runs with -XX:+IgnoreUnrecognizedVMOptions added, then it successfully exit:
        java.exe `cat ~/abort6_options.txt` -XX:+IgnoreUnrecognizedVMOptions -version
        java version "1.9.0-ea-fastdebug"
        Java(TM) SE Runtime Environment (build 1.9.0-ea-fastdebug-b64)
        Java HotSpot(TM) 64-Bit Server VM (build 1.9.0-ea-b64, mixed mode)

        Fix for JDK-8073989 add strip of the unrecognized VM option in Arguments::process_argument before passing to the is_newly_obsolete function:
          // Construct a string which consists only of the argument name without '+', '-', or '='.
          char stripped_argname[256];
          strncpy(stripped_argname, argname, arg_len);
          stripped_argname[arg_len] = '\0'; //strncpy doesn't null terminate.

        arg_len in this case equal to the length of the option name. Thus, if we pass option with very long name(longer than 256), then buffer overrun can occur when copy argname to the stripped_argname in strncpy function since stripped_argname is 256 bytes long.

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                ddmitriev Dmitry Dmitriev
                Reporter:
                ddmitriev Dmitry Dmitriev
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: