Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8214444: Wrong strncat limits in dfa.cpp
authordchuyko
Mon, 03 Dec 2018 14:28:19 +0300
changeset 52795 9501a7b59111
parent 52794 e4ba5414c8b4
child 52796 2c8e6decb1c3
8214444: Wrong strncat limits in dfa.cpp Reviewed-by: kvn
src/hotspot/share/adlc/adlc.hpp file | annotate | diff | comparison | revisions
src/hotspot/share/adlc/dfa.cpp file | annotate | diff | comparison | revisions 
--- a/src/hotspot/share/adlc/adlc.hpp	Mon Dec 03 10:37:36 2018 +0100
+++ b/src/hotspot/share/adlc/adlc.hpp	Mon Dec 03 14:28:19 2018 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -50,6 +50,10 @@
 #define strdup _strdup
 #endif
 
+#if _MSC_VER < 1900
+#define snprintf _snprintf
+#endif
+
 #ifndef _INTPTR_T_DEFINED
 #ifdef _WIN64
 typedef __int64 intptr_t;
--- a/src/hotspot/share/adlc/dfa.cpp	Mon Dec 03 10:37:36 2018 +0100
+++ b/src/hotspot/share/adlc/dfa.cpp	Mon Dec 03 14:28:19 2018 +0300
@@ -719,21 +719,21 @@
 
   // Preserve use of external name which has a zero value
   if( c1->_external_name != NULL ) {
-    sprintf(string_buffer, "%s", c1->as_string());
-    if( !c2->is_zero() ) {
-      strncat(string_buffer, "+", STRING_BUFFER_LENGTH);
-      strncat(string_buffer, c2->as_string(), STRING_BUFFER_LENGTH);
+    if( c2->is_zero() ) {
+      snprintf(string_buffer, STRING_BUFFER_LENGTH, "%s", c1->as_string());
+    } else {
+      snprintf(string_buffer, STRING_BUFFER_LENGTH, "%s+%s", c1->as_string(), c2->as_string());
     }
+    string_buffer[STRING_BUFFER_LENGTH - 1] = '\0';
     result = strdup(string_buffer);
   }
   else if( c2->_external_name != NULL ) {
-    if( !c1->is_zero() ) {
-      sprintf(string_buffer, "%s", c1->as_string());
-      strncat(string_buffer, " + ", STRING_BUFFER_LENGTH);
+    if( c1->is_zero() ) {
+      snprintf(string_buffer, STRING_BUFFER_LENGTH, "%s", c2->_external_name);
     } else {
-      string_buffer[0] = '\0';
+      snprintf(string_buffer, STRING_BUFFER_LENGTH, "%s + %s", c1->as_string(), c2->as_string());
     }
-    strncat(string_buffer, c2->_external_name, STRING_BUFFER_LENGTH);
+    string_buffer[STRING_BUFFER_LENGTH - 1] = '\0';
     result = strdup(string_buffer);
   }
   return result;
@@ -741,18 +741,19 @@
 
 const char *Expr::compute_expr(const Expr *c1, const Expr *c2) {
   if( !c1->is_zero() ) {
-    sprintf( string_buffer, "%s", c1->_expr);
-    if( !c2->is_zero() ) {
-      strncat(string_buffer, "+", STRING_BUFFER_LENGTH);
-      strncat(string_buffer, c2->_expr, STRING_BUFFER_LENGTH);
+    if( c2->is_zero() ) {
+      snprintf(string_buffer, STRING_BUFFER_LENGTH, "%s", c1->_expr);
+    } else {
+      snprintf(string_buffer, STRING_BUFFER_LENGTH, "%s+%s", c1->_expr, c2->_expr);
     }
   }
   else if( !c2->is_zero() ) {
-    sprintf( string_buffer, "%s", c2->_expr);
+    snprintf(string_buffer, STRING_BUFFER_LENGTH, "%s", c2->_expr);
   }
   else {
     sprintf( string_buffer, "0");
   }
+  string_buffer[STRING_BUFFER_LENGTH - 1] = '\0';
   char *cost = strdup(string_buffer);
 
   return cost;
jdk-sandbox