JDK-8165936 : Potential Heap buffer overflow when seaching timezone info files
- Type: Bug
- Component: core-libs
- Sub-Component: java.util:i18n
- Affected Version: 6,7,8,9
- Priority: P3
- Status: Resolved
- Resolution: Fixed
- OS: linux,solaris
- Submitted: 2016-09-13
- Updated: 2020-07-24
- Resolved: 2016-09-15
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 8 | JDK 9 | Other |
|---|---|---|
8u261Fixed  |
9 b137Fixed |
openjdk8u272Fixed |
Related Reports
|
Relates :
|
|
|
Relates :
|
Description
When looking for platform-specific timezone info files, readdir_r() is used to list the content of the directory containing the zoneinfo file. The output buffer allocated is too short, which may result in readdir_r() to write beyond the end of the output buffer.
Comments
|