# HG changeset patch
# User dcherepanov
# Date 1298638494 -10800
# Node ID 59c2c48a4b9e8a5bb8a136ee3bed32958185f993
# Parent  9c9dd9a1b11bea2763508e0f2e0ffd5c4632f1b5
7012520: Heap overflow vulnerability in FileDialog.show()
Reviewed-by: art, anthony

diff -r 9c9dd9a1b11b -r 59c2c48a4b9e jdk/src/windows/native/sun/windows/awt_FileDialog.cpp
--- a/jdk/src/windows/native/sun/windows/awt_FileDialog.cpp	Fri Feb 18 13:31:57 2011 +0000
+++ b/jdk/src/windows/native/sun/windows/awt_FileDialog.cpp	Fri Feb 25 15:54:54 2011 +0300
@@ -285,7 +285,7 @@
         file = (jstring)env->GetObjectField(target, AwtFileDialog::fileID);
         if (file != NULL) {
             LPCTSTR tmp = JNU_GetStringPlatformChars(env, file, NULL);
-            _tcscpy(fileBuffer, tmp);
+            _tcsncpy(fileBuffer, tmp, bufferLimit - 2); // the fileBuffer is double null terminated string
             JNU_ReleaseStringPlatformChars(env, file, tmp);
         } else {
             fileBuffer[0] = _T('\0');