** Branch linked: lp:ubuntu/openjdk-6 -- You received this bug notification because you are a member of OpenJDK, which is subscribed to openjdk-6 in Ubuntu. https://bugs.launchpad.net/bugs/419018
Title: buffer overflow in debugger's socket handler Status in OpenJDK: Unknown Status in “openjdk-6” package in Ubuntu: Fix Released Bug description: When compiled with fortification: $ /usr/lib/jvm/java-6-openjdk/jre/bin/java -agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=50701 Exit0 & [1] 8785 Listening for transport dt_socket at address: 50701 $ echo -n "Here's a poke in the eye" | nc -v localhost 50701 *** buffer overflow detected ***: /usr/lib/jvm/java-6-openjdk/jre/bin/java terminated ======= Backtrace: ========= /lib/libc.so.6(__fortify_fail+0x40)[0xf7ed7a90] /lib/libc.so.6[0xf7ed6aa0] /lib/libc.so.6[0xf7ed5dca] /usr/lib/jvm/java-6-openjdk/jre/lib/i386/libdt_socket.so[0xf7134eb7] /usr/lib/jvm/java-6-openjdk/jre/lib/i386/libdt_socket.so[0xf7135066] /usr/lib/jvm/java-6-openjdk/jre/lib/i386/libjdwp.so[0xf7166357] ... This is due to openjdk/jdk/src/share/transport/socket/socketTransport.c containing too small a buffer to report the error: Debugger failed to attach: handshake failed - received >Here's a poke < - excepted >JDWP-Handshake< 64 vs 73 bytes. Found while investigating test regression in bug 330713. ProblemType: Bug Architecture: amd64 Date: Tue Aug 25 21:23:34 2009 DistroRelease: Ubuntu 9.10 Package: openjdk-6-jdk 6b16-1.6~pre1-0ubuntu1 ProcEnviron: LANGUAGE=en_US.UTF-8 PATH=(custom, user) LANG=en_US.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 2.6.31-6.25-generic SourcePackage: openjdk-6 Uname: Linux 2.6.31-6-generic x86_64 _______________________________________________ Mailing list: https://launchpad.net/~openjdk Post to : [email protected] Unsubscribe : https://launchpad.net/~openjdk More help : https://help.launchpad.net/ListHelp
