diff --git a/jdk/src/java.base/macosx/native/libjli/java_md_macosx.c b/jdk/src/java.base/macosx/native/libjli/java_md_macosx.c index 67217f9538f..2f3409dc0da 100644 --- a/jdk/src/java.base/macosx/native/libjli/java_md_macosx.c +++ b/jdk/src/java.base/macosx/native/libjli/java_md_macosx.c @@ -611,7 +611,11 @@ GetJREPath(char *path, jint pathsize, const char * arch, jboolean speculative) if (access(libjava, F_OK) == 0) { return JNI_TRUE; } - + /* ensure storage for path + /jre + NULL */ + if ((JLI_StrLen(path) + 4 + 1) > (size_t) pathsize) { + JLI_TraceLauncher("Insufficient space to store JRE path\n"); + return JNI_FALSE; + } /* Does the app ship a private JRE in /jre directory? */ JLI_Snprintf(libjava, sizeof(libjava), "%s/jre/lib/" JAVA_DLL, path); if (access(libjava, F_OK) == 0) { diff --git a/jdk/src/java.base/unix/native/libjli/java_md_solinux.c b/jdk/src/java.base/unix/native/libjli/java_md_solinux.c index a1813ad0381..38d8834a932 100644 --- a/jdk/src/java.base/unix/native/libjli/java_md_solinux.c +++ b/jdk/src/java.base/unix/native/libjli/java_md_solinux.c @@ -340,6 +340,7 @@ CreateExecutionEnvironment(int *pargc, char ***pargv, char* newpath = NULL; /* path on new LD_LIBRARY_PATH */ char* lastslash = NULL; char** newenvp = NULL; /* current environment */ + size_t new_runpath_size; #ifdef __solaris__ char* dmpath = NULL; /* data model specific LD_LIBRARY_PATH, Solaris only */ @@ -516,13 +517,14 @@ CreateExecutionEnvironment(int *pargc, char ***pargv, /* runpath contains current effective LD_LIBRARY_PATH setting */ jvmpath = JLI_StringDup(jvmpath); - new_runpath = JLI_MemAlloc(((runpath != NULL) ? JLI_StrLen(runpath) : 0) + + new_runpath_size = ((runpath != NULL) ? JLI_StrLen(runpath) : 0) + 2 * JLI_StrLen(jrepath) + 2 * JLI_StrLen(arch) + #ifdef AIX /* On AIX we additionally need 'jli' in the path because ld doesn't support $ORIGIN. */ JLI_StrLen(jrepath) + JLI_StrLen(arch) + JLI_StrLen("/lib//jli:") + #endif - JLI_StrLen(jvmpath) + 52); + JLI_StrLen(jvmpath) + 52; + new_runpath = JLI_MemAlloc(new_runpath_size); newpath = new_runpath + JLI_StrLen(LD_LIBRARY_PATH "="); @@ -577,6 +579,11 @@ CreateExecutionEnvironment(int *pargc, char ***pargv, * loop of execv() because we test for the prefix, above. */ if (runpath != 0) { + /* ensure storage for runpath + colon + NULL */ + if ((JLI_StrLen(runpath) + 1 + 1) > new_runpath_size) { + JLI_ReportErrorMessageSys(JRE_ERROR11); + exit(1); + } JLI_StrCat(new_runpath, ":"); JLI_StrCat(new_runpath, runpath); } @@ -667,7 +674,11 @@ GetJREPath(char *path, jint pathsize, const char * arch, jboolean speculative) JLI_TraceLauncher("JRE path is %s\n", path); return JNI_TRUE; } - + /* ensure storage for path + /jre + NULL */ + if ((JLI_StrLen(path) + 4 + 1) > (size_t) pathsize) { + JLI_TraceLauncher("Insufficient space to store JRE path\n"); + return JNI_FALSE; + } /* Does the app ship a private JRE in /jre directory? */ JLI_Snprintf(libjava, sizeof(libjava), "%s/jre/lib/%s/" JAVA_DLL, path, arch); if (access(libjava, F_OK) == 0) { diff --git a/jdk/src/java.base/windows/native/libjli/java_md.c b/jdk/src/java.base/windows/native/libjli/java_md.c index dc58c02aadc..98f3e985c90 100644 --- a/jdk/src/java.base/windows/native/libjli/java_md.c +++ b/jdk/src/java.base/windows/native/libjli/java_md.c @@ -323,7 +323,11 @@ GetJREPath(char *path, jint pathsize) JLI_TraceLauncher("JRE path is %s\n", path); return JNI_TRUE; } - + /* ensure storage for path + \jre + NULL */ + if ((JLI_StrLen(path) + 4 + 1) > (size_t) pathsize) { + JLI_TraceLauncher("Insufficient space to store JRE path\n"); + return JNI_FALSE; + } /* Does this app ship a private JRE in \jre directory? */ JLI_Snprintf(javadll, sizeof (javadll), "%s\\jre\\bin\\" JAVA_DLL, path); if (stat(javadll, &s) == 0) {