Replace the static error string in ZIP_Put_In_Cache0 with on stack memory
zhouyx at linux.vnet.ibm.com
Tue Apr 10 00:10:53 PDT 2012
I modified the patch according to your comments.
The new webrev for cl is:
And it is found that hotspot calls ZIP_Open through (*ZipOpen) in
.So I also made a patch for it and add hotspot-dev to cc list.
File classLoader.cpp is the only one I have found calling ZIP_Open.
The webrev for hotspot is:
To hotspot guys,
We are trying to make the error path in ZIP_Open
in src/share/native/java/util/zip/zip_util.c thread safe by changing the
errbuf from static array to on stack array. This will cause the returned
error string allocated from heap, which need to be freed. I checked the
code and found only classLoader.cpp calls this function, so I made the
above webrev. Please take a look.
Link to the start of discussion:
Link to the bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7159982
On Mon, Apr 9, 2012 at 6:01 PM, Alan Bateman <Alan.Bateman at oracle.com>wrote:
> On 09/04/2012 08:53, Sean Chou wrote:
>> Hi all,
>> I would like to suggest to replace the static error string in
>> ZIP_Put_In_Cache0 with on stack memory.
>> The modification is here:
>> http://cr.openjdk.java.net/~**zhouyx/OJDK-482/webrev.00/<http://cr.openjdk.java.net/~zhouyx/OJDK-482/webrev.00/> .
>> Good catch, this one had probably been there for a long time but doesn't
> seem to have been noticed (perhaps because it should be rare for 2+ threads
> to attempt to open malformed zip files at around the same time).
> The changes in the webrev look okay to me. Minor nit in zip_util.c at L847
> where there should be a space in "if(". In ZipFile.c then another choice
> would be to add the free after ThrowZipException(env,msg). Where you have
> it is okay too but probably should be split over two lines to be consistent.
> I assume that Neil or Charles will push this for you. I've created a bug
> for it:
> 7159982: ZipFile uses static for error message when malformed zip file
More information about the core-libs-dev