https://bugs.openjdk.java.net/show_bug.cgi?id=100057
GetJavaProperties has a stack-allocated fixed size buffer for holding a copy of
a string returned by setlocale(3). However, there is no guarantee that the
string will fit into this buffer.
This one is probably due to Solaris code being reused for Linux. The
patch has been in IcedTea for a long while.
OK to push, OpenJDK 7 and 6?
Andrew.
--- oldopenjdk6/jdk/src/solaris/native/java/lang/java_props_md.c
2008-08-28 04:15:51.000000000 -0400
+++ openjdk/jdk/src/solaris/native/java/lang/java_props_md.c 2008-09-15
10:37:26.000000000 -0400
@@ -211,7 +211,9 @@
* <language name>_<country name>.<encoding name>@<variant name>
* <country name>, <encoding name>, and <variant name> are
optional.
*/
- char temp[64];
+ char * temp;
+ temp = (char*) malloc(strlen(lc)+1);
+
char *language = NULL, *country = NULL, *variant = NULL,
*encoding = NULL;
char *std_language = NULL, *std_country = NULL, *std_variant =
NULL,
@@ -323,6 +325,9 @@
/* return same result nl_langinfo would return for en_UK,
* in order to use optimizations. */
std_encoding = (*p != '\0') ? p : "ISO8859-1";
+
+ /* Free temp */
+ free(temp);
#ifdef __linux__
