← Back to team overview

openjdk team mailing list archive

[Bug 419018] Re: buffer overflow in debugger's socket handler

 

** Changed in: openjdk
   Importance: Unknown => Medium

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-6 in ubuntu.
https://bugs.launchpad.net/bugs/419018

Title:
  buffer overflow in debugger's socket handler

Status in OpenJDK:
  Unknown
Status in “openjdk-6” package in Ubuntu:
  Fix Released

Bug description:
  When compiled with fortification:
  $ /usr/lib/jvm/java-6-openjdk/jre/bin/java -agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=50701 Exit0 &
  [1] 8785
  Listening for transport dt_socket at address: 50701
  $ echo -n "Here's a poke in the eye" | nc -v localhost 50701
  *** buffer overflow detected ***: /usr/lib/jvm/java-6-openjdk/jre/bin/java terminated
  ======= Backtrace: =========
  /lib/libc.so.6(__fortify_fail+0x40)[0xf7ed7a90]
  /lib/libc.so.6[0xf7ed6aa0]
  /lib/libc.so.6[0xf7ed5dca]
  /usr/lib/jvm/java-6-openjdk/jre/lib/i386/libdt_socket.so[0xf7134eb7]
  /usr/lib/jvm/java-6-openjdk/jre/lib/i386/libdt_socket.so[0xf7135066]
  /usr/lib/jvm/java-6-openjdk/jre/lib/i386/libjdwp.so[0xf7166357]
  ...

  This is due to openjdk/jdk/src/share/transport/socket/socketTransport.c containing too small a buffer to report the error:
  Debugger failed to attach: handshake failed - received >Here's a poke < - excepted >JDWP-Handshake<

  64 vs 73 bytes.

  Found while investigating test regression in bug 330713.

  ProblemType: Bug
  Architecture: amd64
  Date: Tue Aug 25 21:23:34 2009
  DistroRelease: Ubuntu 9.10
  Package: openjdk-6-jdk 6b16-1.6~pre1-0ubuntu1
  ProcEnviron:
   LANGUAGE=en_US.UTF-8
   PATH=(custom, user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcVersionSignature: Ubuntu 2.6.31-6.25-generic
  SourcePackage: openjdk-6
  Uname: Linux 2.6.31-6-generic x86_64





References