changeset 8454:ba25f5833a12 jdk8u112-b32

8157548: JVM crashes sometimes while starting Summary: Behavior of strncmp may be unexpected if char buffers[s] is[are] not null terminated and buffer size is smaller than the length n. Added check to avoid this scenario. Reviewed-by: dholmes, iklam
author shshahma
date Tue, 20 Sep 2016 05:40:51 -0700
parents 10baa7af9e63
children 919ffdca10c2
files src/share/vm/classfile/systemDictionary.cpp
diffstat 1 files changed, 4 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/vm/classfile/systemDictionary.cpp	Mon Oct 17 10:02:06 2016 -0700
+++ b/src/share/vm/classfile/systemDictionary.cpp	Tue Sep 20 05:40:51 2016 -0700
@@ -1084,15 +1084,18 @@
                                                              THREAD);
 
   const char* pkg = "java/";
+  size_t pkglen = strlen(pkg);
   if (!HAS_PENDING_EXCEPTION &&
       !class_loader.is_null() &&
       parsed_name != NULL &&
-      !strncmp((const char*)parsed_name->bytes(), pkg, strlen(pkg))) {
+      parsed_name->utf8_length() >= (int)pkglen &&
+      !strncmp((const char*)parsed_name->bytes(), pkg, pkglen)) {
     // It is illegal to define classes in the "java." package from
     // JVM_DefineClass or jni_DefineClass unless you're the bootclassloader
     ResourceMark rm(THREAD);
     char* name = parsed_name->as_C_string();
     char* index = strrchr(name, '/');
+    assert(index != NULL, "must be");
     *index = '\0'; // chop to just the package name
     while ((index = strchr(name, '/')) != NULL) {
       *index = '.'; // replace '/' with '.' in package name