changeset 4416:8c03fc47511d

8011048: Possible reading from unmapped memory in UTF8::as_quoted_ascii() Summary: Pass utf_length parameter to UTF8::as_quoted_ascii() Reviewed-by: dcubed, minqi
author iklam
date Mon, 01 Apr 2013 14:05:41 -0700
parents e458120c6e1a
children a4e8dac9db8c
files src/share/vm/oops/symbol.cpp src/share/vm/utilities/utf8.cpp src/share/vm/utilities/utf8.hpp
diffstat 3 files changed, 8 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/vm/oops/symbol.cpp	Thu Mar 28 15:39:52 2013 +0100
+++ b/src/share/vm/oops/symbol.cpp	Mon Apr 01 14:05:41 2013 -0700
@@ -162,7 +162,7 @@
   const char *ptr = (const char *)&_body[0];
   int quoted_length = UTF8::quoted_ascii_length(ptr, utf8_length());
   char* result = NEW_RESOURCE_ARRAY(char, quoted_length + 1);
-  UTF8::as_quoted_ascii(ptr, result, quoted_length + 1);
+  UTF8::as_quoted_ascii(ptr, utf8_length(), result, quoted_length + 1);
   return result;
 }
 
--- a/src/share/vm/utilities/utf8.cpp	Thu Mar 28 15:39:52 2013 +0100
+++ b/src/share/vm/utilities/utf8.cpp	Mon Apr 01 14:05:41 2013 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -180,11 +180,12 @@
 }
 
 // converts a utf8 string to quoted ascii
-void UTF8::as_quoted_ascii(const char* utf8_str, char* buf, int buflen) {
+void UTF8::as_quoted_ascii(const char* utf8_str, int utf8_length, char* buf, int buflen) {
   const char *ptr = utf8_str;
+  const char *utf8_end = ptr + utf8_length;
   char* p = buf;
   char* end = buf + buflen;
-  while (*ptr != '\0') {
+  while (ptr < utf8_end) {
     jchar c;
     ptr = UTF8::next(ptr, &c);
     if (c >= 32 && c < 127) {
@@ -196,6 +197,7 @@
       p += 6;
     }
   }
+  assert(p < end, "sanity");
   *p = '\0';
 }
 
--- a/src/share/vm/utilities/utf8.hpp	Thu Mar 28 15:39:52 2013 +0100
+++ b/src/share/vm/utilities/utf8.hpp	Mon Apr 01 14:05:41 2013 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -45,7 +45,7 @@
   static int quoted_ascii_length(const char* utf8_str, int utf8_length);
 
   // converts a utf8 string to quoted ascii
-  static void as_quoted_ascii(const char* utf8_str, char* buf, int buflen);
+  static void as_quoted_ascii(const char* utf8_str, int utf8_length, char* buf, int buflen);
 
   // converts a quoted ascii string to utf8 string.  returns the original
   // string unchanged if nothing needs to be done.