8222387: Out-of-bounds access to CPU _family_id_xxx array
Reviewed-by: dholmes, kvn
Contributed-by: Jinke Fan <fanjinke51@yeah.net>
--- a/src/hotspot/cpu/x86/vm_version_ext_x86.cpp Sun Apr 14 10:22:56 2019 +0800
+++ b/src/hotspot/cpu/x86/vm_version_ext_x86.cpp Sun Apr 14 21:40:07 2019 +0000
@@ -43,10 +43,10 @@
CPU_FAMILY_PENTIUM_4 = 0xF
} FamilyFlag;
- typedef enum {
- RDTSCP_FLAG = 0x08000000, // bit 27
- INTEL64_FLAG = 0x20000000 // bit 29
- } _featureExtendedEdxFlag;
+typedef enum {
+ RDTSCP_FLAG = 0x08000000, // bit 27
+ INTEL64_FLAG = 0x20000000 // bit 29
+} _featureExtendedEdxFlag;
#define CPUID_STANDARD_FN 0x0
#define CPUID_STANDARD_FN_1 0x1
@@ -403,18 +403,21 @@
const char* VM_Version_Ext::cpu_family_description(void) {
int cpu_family_id = extended_cpu_family();
if (is_amd()) {
- return _family_id_amd[cpu_family_id];
+ if (cpu_family_id < ExtendedFamilyIdLength_AMD) {
+ return _family_id_amd[cpu_family_id];
+ }
}
if (is_intel()) {
if (cpu_family_id == CPU_FAMILY_PENTIUMPRO) {
return cpu_model_description();
}
- return _family_id_intel[cpu_family_id];
+ if (cpu_family_id < ExtendedFamilyIdLength_INTEL) {
+ return _family_id_intel[cpu_family_id];
+ }
}
if (is_hygon()) {
return "Dhyana";
}
-
return "Unknown x86";
}
@@ -705,7 +708,7 @@
return _max_qualified_cpu_frequency;
}
-const char* const VM_Version_Ext::_family_id_intel[] = {
+const char* const VM_Version_Ext::_family_id_intel[ExtendedFamilyIdLength_INTEL] = {
"8086/8088",
"",
"286",
@@ -724,7 +727,7 @@
"Pentium 4"
};
-const char* const VM_Version_Ext::_family_id_amd[] = {
+const char* const VM_Version_Ext::_family_id_amd[ExtendedFamilyIdLength_AMD] = {
"",
"",
"",
@@ -742,6 +745,13 @@
"",
"Opteron/Athlon64",
"Opteron QC/Phenom" // Barcelona et.al.
+ "",
+ "",
+ "",
+ "",
+ "",
+ "",
+ "Zen"
};
// Partially from Intel 64 and IA-32 Architecture Software Developer's Manual,
// September 2013, Vol 3C Table 35-1
--- a/src/hotspot/cpu/x86/vm_version_ext_x86.hpp Sun Apr 14 10:22:56 2019 +0800
+++ b/src/hotspot/cpu/x86/vm_version_ext_x86.hpp Sun Apr 14 21:40:07 2019 +0000
@@ -29,14 +29,20 @@
#include "vm_version_x86.hpp"
class VM_Version_Ext : public VM_Version {
+
+ enum {
+ ExtendedFamilyIdLength_INTEL = 16,
+ ExtendedFamilyIdLength_AMD = 24
+ };
+
private:
static const size_t VENDOR_LENGTH;
static const size_t CPU_EBS_MAX_LENGTH;
static const size_t CPU_TYPE_DESC_BUF_SIZE;
static const size_t CPU_DETAILED_DESC_BUF_SIZE;
- static const char* const _family_id_intel[];
- static const char* const _family_id_amd[];
+ static const char* const _family_id_intel[ExtendedFamilyIdLength_INTEL];
+ static const char* const _family_id_amd[ExtendedFamilyIdLength_AMD];
static const char* const _brand_id[];
static const char* const _model_id_pentium_pro[];