Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8165936

Potential Heap buffer overflow when seaching timezone info files

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: 6, 7, 8, 9
    • Fix Version/s: 9
    • Component/s: core-libs
    • Labels:
      None
    • Subcomponent:
    • Introduced In Build:
      b10
    • Resolved In Build:
      b137
    • OS:
      linux, solaris

      Backports

        Description

        When looking for platform-specific timezone info files, readdir_r() is used to list the content of the directory containing the zoneinfo file. The output buffer allocated is too short, which may result in readdir_r() to write beyond the end of the output buffer.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  stuefe Thomas Stuefe
                  Reporter:
                  stuefe Thomas Stuefe
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: