4853493: GZIPOutputStream passes a reference to a private array into an untrusted method
Summary: create a new header byte array for each header writeout
Reviewed-by: martin
--- a/jdk/src/share/classes/java/util/zip/GZIPOutputStream.java Mon May 17 12:19:49 2010 -0700
+++ b/jdk/src/share/classes/java/util/zip/GZIPOutputStream.java Mon May 17 16:18:13 2010 -0700
@@ -179,22 +179,19 @@
/*
* Writes GZIP member header.
*/
-
- private final static byte[] header = {
- (byte) GZIP_MAGIC, // Magic number (short)
- (byte)(GZIP_MAGIC >> 8), // Magic number (short)
- Deflater.DEFLATED, // Compression method (CM)
- 0, // Flags (FLG)
- 0, // Modification time MTIME (int)
- 0, // Modification time MTIME (int)
- 0, // Modification time MTIME (int)
- 0, // Modification time MTIME (int)
- 0, // Extra flags (XFLG)
- 0 // Operating system (OS)
- };
-
private void writeHeader() throws IOException {
- out.write(header);
+ out.write(new byte[] {
+ (byte) GZIP_MAGIC, // Magic number (short)
+ (byte)(GZIP_MAGIC >> 8), // Magic number (short)
+ Deflater.DEFLATED, // Compression method (CM)
+ 0, // Flags (FLG)
+ 0, // Modification time MTIME (int)
+ 0, // Modification time MTIME (int)
+ 0, // Modification time MTIME (int)
+ 0, // Modification time MTIME (int)
+ 0, // Extra flags (XFLG)
+ 0 // Operating system (OS)
+ });
}
/*
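Review bot: Nothing in the new `writeHeader()` body records why the header array is now built on every call, so a later cleanup could hoist it back into a shared `static final` field and reintroduce the exposure named in the commit title. I would add a why-comment directly above the `out.write(new byte[] {` line, for example `// Fresh array per call: out may be an untrusted OutputStream whose write(byte[]) can modify or retain the array it is given.` The existing `/* Writes GZIP member header. */` block comment could carry the same sentence instead if the project prefers method-level comments. Any other places in this class that pass a long-lived array to `out` lie outside this hunk and would be worth checking for the same pattern.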