# HG changeset patch # User ddmitriev # Date 1435829155 -10800 # Node ID a184abca168421f7379d067366859554d119c39a # Parent 65674ad914148f10129f2646f20edac55ce5a564 8129786: Buffer overrun when passing long not existing option in JDK 9 Summary: Only make the obsolete check for valid arguments(length less than 256) Reviewed-by: dcubed, dholmes diff -r 65674ad91414 -r a184abca1684 hotspot/src/share/vm/runtime/arguments.cpp --- a/hotspot/src/share/vm/runtime/arguments.cpp Wed Jul 01 16:38:14 2015 +0200 +++ b/hotspot/src/share/vm/runtime/arguments.cpp Thu Jul 02 12:25:55 2015 +0300 @@ -837,16 +837,19 @@ arg_len = equal_sign - argname; } - // Construct a string which consists only of the argument name without '+', '-', or '='. - char stripped_argname[256]; - strncpy(stripped_argname, argname, arg_len); - stripped_argname[arg_len] = '\0'; //strncpy doesn't null terminate. - - if (is_newly_obsolete(stripped_argname, &since)) { - char version[256]; - since.to_string(version, sizeof(version)); - warning("ignoring option %s; support was removed in %s", stripped_argname, version); - return true; + // Only make the obsolete check for valid arguments. + if (arg_len <= BUFLEN) { + // Construct a string which consists only of the argument name without '+', '-', or '='. + char stripped_argname[BUFLEN+1]; + strncpy(stripped_argname, argname, arg_len); + stripped_argname[arg_len] = '\0'; // strncpy may not null terminate. + + if (is_newly_obsolete(stripped_argname, &since)) { + char version[256]; + since.to_string(version, sizeof(version)); + warning("ignoring option %s; support was removed in %s", stripped_argname, version); + return true; + } } // For locked flags, report a custom error message if available. diff -r 65674ad91414 -r a184abca1684 hotspot/test/runtime/CommandLine/TestLongUnrecognizedVMOption.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/hotspot/test/runtime/CommandLine/TestLongUnrecognizedVMOption.java Thu Jul 02 12:25:55 2015 +0300 @@ -0,0 +1,48 @@ +/* + * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8129786 + * @summary Verify that JVM correctly processes very long unrecognized VM option + * @library /testlibrary + * @modules java.management + * @run main TestLongUnrecognizedVMOption + */ + +import jdk.test.lib.OutputAnalyzer; +import jdk.test.lib.ProcessTools; + +public class TestLongUnrecognizedVMOption { + + /* Create option with very long length(greater than 500 characters) */ + private static final String VERY_LONG_OPTION = String.format("%500s=10", "unrecognizedoption").replace(" ", "a"); + + public static void main(String[] args) throws Exception { + OutputAnalyzer output; + + output = new OutputAnalyzer(ProcessTools.createJavaProcessBuilder("-XX:" + VERY_LONG_OPTION, "-version").start()); + output.shouldHaveExitValue(1); + output.shouldContain(String.format("Unrecognized VM option '%s'", VERY_LONG_OPTION)); + } +}