Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
7012520: Heap overflow vulnerability in FileDialog.show()
authordcherepanov
Fri, 25 Feb 2011 15:54:54 +0300
changeset 9829 59c2c48a4b9e
parent 9828 9c9dd9a1b11b
child 9830 692619a439fc
7012520: Heap overflow vulnerability in FileDialog.show() Reviewed-by: art, anthony
jdk/src/windows/native/sun/windows/awt_FileDialog.cpp file | annotate | diff | comparison | revisions 
--- a/jdk/src/windows/native/sun/windows/awt_FileDialog.cpp	Fri Feb 18 13:31:57 2011 +0000
+++ b/jdk/src/windows/native/sun/windows/awt_FileDialog.cpp	Fri Feb 25 15:54:54 2011 +0300
@@ -285,7 +285,7 @@
         file = (jstring)env->GetObjectField(target, AwtFileDialog::fileID);
         if (file != NULL) {
             LPCTSTR tmp = JNU_GetStringPlatformChars(env, file, NULL);
-            _tcscpy(fileBuffer, tmp);
+            _tcsncpy(fileBuffer, tmp, bufferLimit - 2); // the fileBuffer is double null terminated string
             JNU_ReleaseStringPlatformChars(env, file, tmp);
         } else {
             fileBuffer[0] = _T('\0');
jdk-sandbox