openjdk team mailing list archive

[Roger Binns <ubuntu@xxxxxxxxxxxxxx>]

Public bug reported:

In  my testing I created an input file that included 6 consecutive 0xff
bytes.  The code reads this calling `new String(bytes, "UTF8")` which
results in the JVM crashing.

If I create a simple class that only does what is described above then
there is no crash so it is a more complicated environment that makes it
crash.

This is possibly a security issue because it is causing the JVM to read
data beyond what it safely should.

** Affects: openjdk-6 (Ubuntu)
     Importance: Undecided
         Status: Invalid

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-6 in Ubuntu.
https://bugs.launchpad.net/bugs/912660

Title:
  Invalid UTF8 bytes crashes jvm

Status in “openjdk-6” package in Ubuntu:
  Invalid

Bug description:
  In  my testing I created an input file that included 6 consecutive
  0xff bytes.  The code reads this calling `new String(bytes, "UTF8")`
  which results in the JVM crashing.

  If I create a simple class that only does what is described above then
  there is no crash so it is a more complicated environment that makes
  it crash.

  This is possibly a security issue because it is causing the JVM to
  read data beyond what it safely should.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/912660/+subscriptions