# HG changeset patch # User hseigel # Date 1405327430 -14400 # Node ID 9f471b8373309511317515c9c54db9da270edbcb # Parent 92dc8bd62c6911f7c878fe61f9a7ceb84ec8ae85 8030763: Validate global memory allocation Summary: Add length checks where necessary Reviewed-by: coleenp, mschoene diff -r 92dc8bd62c69 -r 9f471b837330 hotspot/src/os/bsd/vm/os_bsd.cpp --- a/hotspot/src/os/bsd/vm/os_bsd.cpp Fri Jul 11 09:14:21 2014 -0700 +++ b/hotspot/src/os/bsd/vm/os_bsd.cpp Mon Jul 14 12:43:50 2014 +0400 @@ -1172,10 +1172,6 @@ ::abort(); } -// unused on bsd for now. -void os::set_error_file(const char *logfile) {} - - // This method is a copy of JDK's sysGetLastErrorString // from src/solaris/hpi/src/system_md.c @@ -1832,6 +1828,7 @@ // determine if this is a legacy image or modules image // modules image doesn't have "jre" subdirectory len = strlen(buf); + assert(len < buflen, "Ran out of buffer space"); jrelib_p = buf + len; // Add the appropriate library subdir @@ -1865,7 +1862,7 @@ } } - strcpy(saved_jvm_path, buf); + strncpy(saved_jvm_path, buf, MAXPATHLEN); } void os::print_jni_name_prefix_on(outputStream* st, int args_size) { diff -r 92dc8bd62c69 -r 9f471b837330 hotspot/src/os/linux/vm/os_linux.cpp --- a/hotspot/src/os/linux/vm/os_linux.cpp Fri Jul 11 09:14:21 2014 -0700 +++ b/hotspot/src/os/linux/vm/os_linux.cpp Mon Jul 14 12:43:50 2014 +0400 @@ -1553,9 +1553,6 @@ ::abort(); } -// unused on linux for now. -void os::set_error_file(const char *logfile) {} - // This method is a copy of JDK's sysGetLastErrorString // from src/solaris/hpi/src/system_md.c @@ -2345,6 +2342,7 @@ // determine if this is a legacy image or modules image // modules image doesn't have "jre" subdirectory len = strlen(buf); + assert(len < buflen, "Ran out of buffer room"); jrelib_p = buf + len; snprintf(jrelib_p, buflen-len, "/jre/lib/%s", cpu_arch); if (0 != access(buf, F_OK)) { @@ -2365,7 +2363,7 @@ } } - strcpy(saved_jvm_path, buf); + strncpy(saved_jvm_path, buf, MAXPATHLEN); } void os::print_jni_name_prefix_on(outputStream* st, int args_size) { diff -r 92dc8bd62c69 -r 9f471b837330 hotspot/src/os/solaris/vm/os_solaris.cpp --- a/hotspot/src/os/solaris/vm/os_solaris.cpp Fri Jul 11 09:14:21 2014 -0700 +++ b/hotspot/src/os/solaris/vm/os_solaris.cpp Mon Jul 14 12:43:50 2014 +0400 @@ -1543,9 +1543,6 @@ ::abort(); // dump core (for debugging) } -// unused -void os::set_error_file(const char *logfile) {} - // DLL functions const char* os::dll_file_extension() { return ".so"; } @@ -2185,6 +2182,7 @@ // determine if this is a legacy image or modules image // modules image doesn't have "jre" subdirectory len = strlen(buf); + assert(len < buflen, "Ran out of buffer space"); jrelib_p = buf + len; snprintf(jrelib_p, buflen-len, "/jre/lib/%s", cpu_arch); if (0 != access(buf, F_OK)) { @@ -2203,7 +2201,7 @@ } } - strcpy(saved_jvm_path, buf); + strncpy(saved_jvm_path, buf, MAXPATHLEN); } diff -r 92dc8bd62c69 -r 9f471b837330 hotspot/src/os/windows/vm/os_windows.cpp --- a/hotspot/src/os/windows/vm/os_windows.cpp Fri Jul 11 09:14:21 2014 -0700 +++ b/hotspot/src/os/windows/vm/os_windows.cpp Mon Jul 14 12:43:50 2014 +0400 @@ -1824,7 +1824,9 @@ // looks like jvm.dll is installed there (append a fake suffix // hotspot/jvm.dll). char* java_home_var = ::getenv("JAVA_HOME"); - if (java_home_var != NULL && java_home_var[0] != 0) { + if (java_home_var != NULL && java_home_var[0] != 0 && + strlen(java_home_var) < (size_t)buflen) { + strncpy(buf, java_home_var, buflen); // determine if this is a legacy image or modules image @@ -1843,7 +1845,7 @@ if (buf[0] == '\0') { GetModuleFileName(vm_lib_handle, buf, buflen); } - strcpy(saved_jvm_path, buf); + strncpy(saved_jvm_path, buf, MAX_PATH); } @@ -2291,17 +2293,6 @@ return EXCEPTION_CONTINUE_SEARCH; } -// Fatal error reporting is single threaded so we can make this a -// static and preallocated. If it's more than MAX_PATH silently ignore -// it. -static char saved_error_file[MAX_PATH] = {0}; - -void os::set_error_file(const char *logfile) { - if (strlen(logfile) <= MAX_PATH) { - strncpy(saved_error_file, logfile, MAX_PATH); - } -} - static inline void report_error(Thread* t, DWORD exception_code, address addr, void* siginfo, void* context) { VMError err(t, exception_code, addr, siginfo, context); diff -r 92dc8bd62c69 -r 9f471b837330 hotspot/src/share/vm/compiler/compileBroker.cpp --- a/hotspot/src/share/vm/compiler/compileBroker.cpp Fri Jul 11 09:14:21 2014 -0700 +++ b/hotspot/src/share/vm/compiler/compileBroker.cpp Mon Jul 14 12:43:50 2014 +0400 @@ -2123,6 +2123,7 @@ ResourceMark rm; char* method_name = method->name()->as_C_string(); strncpy(_last_method_compiled, method_name, CompileBroker::name_buffer_length); + _last_method_compiled[CompileBroker::name_buffer_length - 1] = '\0'; // ensure null terminated char current_method[CompilerCounters::cmname_buffer_length]; size_t maxLen = CompilerCounters::cmname_buffer_length; diff -r 92dc8bd62c69 -r 9f471b837330 hotspot/src/share/vm/runtime/os.hpp --- a/hotspot/src/share/vm/runtime/os.hpp Fri Jul 11 09:14:21 2014 -0700 +++ b/hotspot/src/share/vm/runtime/os.hpp Mon Jul 14 12:43:50 2014 +0400 @@ -469,9 +469,6 @@ // run cmd in a separate process and return its exit code; or -1 on failures static int fork_and_exec(char *cmd); - // Set file to send error reports. - static void set_error_file(const char *logfile); - // os::exit() is merged with vm_exit() // static void exit(int num); diff -r 92dc8bd62c69 -r 9f471b837330 hotspot/src/share/vm/utilities/vmError.cpp --- a/hotspot/src/share/vm/utilities/vmError.cpp Fri Jul 11 09:14:21 2014 -0700 +++ b/hotspot/src/share/vm/utilities/vmError.cpp Mon Jul 14 12:43:50 2014 +0400 @@ -989,7 +989,6 @@ if (fd != -1) { out.print_raw("# An error report file with more information is saved as:\n# "); out.print_raw_cr(buffer); - os::set_error_file(buffer); log.set_fd(fd); } else {