Greetings:
I made a change to
src/share/native/sun/security/pkcs11/wrapper/p11_convert.c... I replaced
all the code that looks like this:
struct fubar bar;
memset(&bar, 0, sizeof(struct fubar));
with code that looks like this:
struct fubar bar = {0};
Also, I looked for similar usage patterns in neighbouring security code
that would cause references to uninitialized data structure memory, and
found none. The basic issue that I discovered was that certain
procedures were returning structures (not pointers to structures) that
were allocated on the stack as uninitialized memory. (I found the bug by
running the native code through doxygen and then I looked at every data
structure instance.)
The latest webrev image is at:
http://cr.openjdk.java.net/~jzavgren/8003245/webrev.02/
<http://cr.openjdk.java.net/%7Ejzavgren/8003245/webrev.02/>
Thanks!
John Zavgren
On 06/18/2013 10:27 PM, John Zavgren wrote:
Greetings:
Please consider the following changes that eliminate the use of
uninitialized memory.
http://cr.openjdk.java.net/~jzavgren/8003245/webrev.01/
Thanks!
John
--
John Zavgren
john.zavg...@oracle.com
603-821-0904
US-Burlington-MA
