Minor com.sun.jndi.dns cleanup

Florian Weimer fweimer at redhat.com
Mon Feb 17 16:22:36 UTC 2014

On 02/17/2014 04:43 PM, Florian Weimer wrote:
> This patch removes an unnecessary allocation from DnsClient and adds
> explicit detection for DNS label compression loops in ResourceRecord.
> Previously, the code relied on a StackOverflowError for exiting the
> parsing loop.

Mailman ate the attachment, so I put it up here:


Note that other implementations fixed this as CVE-2000-0333 a long time 
ago, but due to the lack of tail call optimization and reliable stack 
overflow detection, this is currently not a security vulnerability in 
OpenJDK (not even an endless loop).

Florian Weimer / Red Hat Product Security Team

More information about the core-libs-dev mailing list