# HG changeset patch # User dholmes # Date 1555278007 0 # Node ID d2c2622995e2dcddf1ad88bda96aa3aa6f80f5ea # Parent ac56154f0b9e25487d596e10859c0f2558136051 8222387: Out-of-bounds access to CPU _family_id_xxx array Reviewed-by: dholmes, kvn Contributed-by: Jinke Fan diff -r ac56154f0b9e -r d2c2622995e2 src/hotspot/cpu/x86/vm_version_ext_x86.cpp --- a/src/hotspot/cpu/x86/vm_version_ext_x86.cpp Sun Apr 14 10:22:56 2019 +0800 +++ b/src/hotspot/cpu/x86/vm_version_ext_x86.cpp Sun Apr 14 21:40:07 2019 +0000 @@ -43,10 +43,10 @@ CPU_FAMILY_PENTIUM_4 = 0xF } FamilyFlag; - typedef enum { - RDTSCP_FLAG = 0x08000000, // bit 27 - INTEL64_FLAG = 0x20000000 // bit 29 - } _featureExtendedEdxFlag; +typedef enum { + RDTSCP_FLAG = 0x08000000, // bit 27 + INTEL64_FLAG = 0x20000000 // bit 29 +} _featureExtendedEdxFlag; #define CPUID_STANDARD_FN 0x0 #define CPUID_STANDARD_FN_1 0x1 @@ -403,18 +403,21 @@ const char* VM_Version_Ext::cpu_family_description(void) { int cpu_family_id = extended_cpu_family(); if (is_amd()) { - return _family_id_amd[cpu_family_id]; + if (cpu_family_id < ExtendedFamilyIdLength_AMD) { + return _family_id_amd[cpu_family_id]; + } } if (is_intel()) { if (cpu_family_id == CPU_FAMILY_PENTIUMPRO) { return cpu_model_description(); } - return _family_id_intel[cpu_family_id]; + if (cpu_family_id < ExtendedFamilyIdLength_INTEL) { + return _family_id_intel[cpu_family_id]; + } } if (is_hygon()) { return "Dhyana"; } - return "Unknown x86"; } @@ -705,7 +708,7 @@ return _max_qualified_cpu_frequency; } -const char* const VM_Version_Ext::_family_id_intel[] = { +const char* const VM_Version_Ext::_family_id_intel[ExtendedFamilyIdLength_INTEL] = { "8086/8088", "", "286", @@ -724,7 +727,7 @@ "Pentium 4" }; -const char* const VM_Version_Ext::_family_id_amd[] = { +const char* const VM_Version_Ext::_family_id_amd[ExtendedFamilyIdLength_AMD] = { "", "", "", @@ -742,6 +745,13 @@ "", "Opteron/Athlon64", "Opteron QC/Phenom" // Barcelona et.al. + "", + "", + "", + "", + "", + "", + "Zen" }; // Partially from Intel 64 and IA-32 Architecture Software Developer's Manual, // September 2013, Vol 3C Table 35-1 diff -r ac56154f0b9e -r d2c2622995e2 src/hotspot/cpu/x86/vm_version_ext_x86.hpp --- a/src/hotspot/cpu/x86/vm_version_ext_x86.hpp Sun Apr 14 10:22:56 2019 +0800 +++ b/src/hotspot/cpu/x86/vm_version_ext_x86.hpp Sun Apr 14 21:40:07 2019 +0000 @@ -29,14 +29,20 @@ #include "vm_version_x86.hpp" class VM_Version_Ext : public VM_Version { + + enum { + ExtendedFamilyIdLength_INTEL = 16, + ExtendedFamilyIdLength_AMD = 24 + }; + private: static const size_t VENDOR_LENGTH; static const size_t CPU_EBS_MAX_LENGTH; static const size_t CPU_TYPE_DESC_BUF_SIZE; static const size_t CPU_DETAILED_DESC_BUF_SIZE; - static const char* const _family_id_intel[]; - static const char* const _family_id_amd[]; + static const char* const _family_id_intel[ExtendedFamilyIdLength_INTEL]; + static const char* const _family_id_amd[ExtendedFamilyIdLength_AMD]; static const char* const _brand_id[]; static const char* const _model_id_pentium_pro[];