Wrong sscanf used to parse CompilerOracle command >= 32 characters could lead to crash
The VM can crash when a command name of 32 or more characters is given to CompilerOracle (either on the command line or in a .hotspot_compiler file).
The root cause is in vm\compiler\compilerOracle.cpp, parse_command_name(const char*, int*):

    static OracleCommand parse_command_name(const char * line, int* bytes_read) {
      ...
      char command[32];
      int result = sscanf(line, "%32[a-z]%n", command, bytes_read);
      ...
    }

With the "%32[a-z]" conversion, sscanf stores up to 32 matching characters plus a
terminating null character, so the destination array must be at least 33 bytes long.
When the command name consists of 32 or more [a-z] characters, sscanf writes the
null terminator past the end of the command[32] array, which causes a crash or
possibly wrong behavior, depending on the compiler mode.
To reproduce, run:

    java -XX:CompileCommand=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx,a/b/c.d -version
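
The off-by-one described above can be observed without corrupting memory. The following is an added example, not HotSpot code and not the fix that was applied to the JDK: it runs the same format into a scratch area one byte larger than command[] and reports where the terminator lands, next to a bounded variant. The names sample_line, nul_offset and parse_name_bounded are hypothetical, and the input lines are constructed.

```c
#include <stdio.h>
#include <string.h>

#define CMD_SIZE 32   /* size of command[] in the report */

/* Builds a constructed input: n letters followed by ",a/b/c.d". */
static const char *sample_line(char *buf, size_t n) {
    memset(buf, 'x', n);
    strcpy(buf + n, ",a/b/c.d");
    return buf;
}

/* Runs a scanset format into a scratch area one byte larger than
 * command[], so the write that overflows command[32] in the report
 * lands in valid memory here. Returns the offset of the stored NUL. */
static int nul_offset(const char *fmt, const char *line) {
    char area[CMD_SIZE + 1];
    int bytes_read = 0;
    memset(area, 0x7f, sizeof(area));
    if (sscanf(line, fmt, area, &bytes_read) != 1)
        return -1;
    return (int)strlen(area);
}

/* Bounded variant (hypothetical helper): width is CMD_SIZE - 1, and a
 * name that continues past the width is rejected rather than split. */
static int parse_name_bounded(const char *line, char out[CMD_SIZE],
                              int *bytes_read) {
    *bytes_read = 0;
    if (sscanf(line, "%31[a-z]%n", out, bytes_read) != 1)
        return 0;
    char next = line[*bytes_read];
    return !(next >= 'a' && next <= 'z');
}

int main(void) {
    char buf[64], out[CMD_SIZE];
    int n;
    const char *line = sample_line(buf, 32);
    printf("%%32 stores NUL at offset %d of a %d-byte array\n",
           nul_offset("%32[a-z]%n", line), CMD_SIZE);
    printf("%%31 stores NUL at offset %d\n", nul_offset("%31[a-z]%n", line));
    printf("bounded parse accepts 32-char name: %d\n",
           parse_name_bounded(line, out, &n));
    return 0;
}
```

An offset equal to CMD_SIZE means the terminator falls one byte past the end of a 32-byte array; the bounded variant keeps it at offset 31 or lower and refuses names it would otherwise truncate.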