. Fix infinite loop in parsing certain doubles. See CVE-2010-4476.

svn path=/head/; revision=268829
2025-07-18 17:59:20 -04:00 · 2011-02-09 17:13:40 +00:00 · 2011-02-09 17:13:40 +00:00 · 4b97549646 · 2021-03-31 03:12:20 +00:00
commit 4b97549646
parent d4e0e31458
8 changed files with 48 additions and 3 deletions
--- a/java/jdk15/Makefile
+++ b/java/jdk15/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	jdk
 PORTVERSION=	${JDK_VERSION}.${JDK_UPDATE_VERSION}p${JDK_PATCHSET_VERSION}
-PORTREVISION=	9
+PORTREVISION=	10
 PORTEPOCH=	1
 CATEGORIES=	java devel
 MASTER_SITES=	# http://download.java.net/tiger/
--- a/java/jdk15/files/patch-FloatingDecimal.java
+++ b/java/jdk15/files/patch-FloatingDecimal.java
@ -0,0 +1,11 @@
+--- ../../j2se/src/share/classes/sun/misc/FloatingDecimal.java.orig	2011-02-08 21:47:56.000000000 -0800
+++ ../../j2se/src/share/classes/sun/misc/FloatingDecimal.java	2011-02-08 21:48:18.000000000 -0800
+@@ -1529,7 +1529,7 @@
+ 		if ( (cmpResult = bigB.cmp( bigD ) ) > 0 ){
+ 		    overvalue = true; // our candidate is too big.
+ 		    diff = bigB.sub( bigD );
+-		    if ( (bigIntNBits == 1) && (bigIntExp > -expBias) ){
+		    if ( (bigIntNBits == 1) && (bigIntExp > -expBias+1) ){
+ 			// candidate is a normalized exact power of 2 and
+ 			// is too big. We will be subtracting.
+ 			// For our purposes, ulp is the ulp of the
--- a/java/jdk16/Makefile
+++ b/java/jdk16/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	jdk
 PORTVERSION=	${JDK_VERSION}.${JDK_UPDATE_VERSION}p${JDK_PATCHSET_VERSION}
-PORTREVISION=	20
+PORTREVISION=	21
 CATEGORIES=	java devel
 MASTER_SITES=	# http://download.java.net/jdk6/
 #		 http://www.eyesbeyond.com/freebsddom/java/jdk16.html
--- a/java/jdk16/files/patch-FloatingDecimal.java
+++ b/java/jdk16/files/patch-FloatingDecimal.java
@ -0,0 +1,11 @@
+--- ../../j2se/src/share/classes/sun/misc/FloatingDecimal.java.orig	2011-02-08 21:47:56.000000000 -0800
+++ ../../j2se/src/share/classes/sun/misc/FloatingDecimal.java	2011-02-08 21:48:18.000000000 -0800
+@@ -1529,7 +1529,7 @@
+ 		if ( (cmpResult = bigB.cmp( bigD ) ) > 0 ){
+ 		    overvalue = true; // our candidate is too big.
+ 		    diff = bigB.sub( bigD );
+-		    if ( (bigIntNBits == 1) && (bigIntExp > -expBias) ){
+		    if ( (bigIntNBits == 1) && (bigIntExp > -expBias+1) ){
+ 			// candidate is a normalized exact power of 2 and
+ 			// is too big. We will be subtracting.
+ 			// For our purposes, ulp is the ulp of the
--- a/java/openjdk6/Makefile
+++ b/java/openjdk6/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	openjdk6
 PORTVERSION=	b20
-PORTREVISION=	7
+PORTREVISION=	8
 CATEGORIES=	java devel
 MASTER_SITES=	http://download.java.net/openjdk/jdk6/promoted/${PORTVERSION}/ \
 		https://jaxp.dev.java.net/files/documents/913/150648/:jaxp \
--- a/java/openjdk6/files/patch-FloatingDecimal.java
+++ b/java/openjdk6/files/patch-FloatingDecimal.java
@ -0,0 +1,11 @@
+--- jdk/src/share/classes/sun/misc/FloatingDecimal.java.orig	2010-06-21 14:15:30.000000000 -0700
+++ jdk/src/share/classes/sun/misc/FloatingDecimal.java	2011-02-08 22:30:49.000000000 -0800
+@@ -1547,7 +1547,7 @@
+                 if ( (cmpResult = bigB.cmp( bigD ) ) > 0 ){
+                     overvalue = true; // our candidate is too big.
+                     diff = bigB.sub( bigD );
+-                    if ( (bigIntNBits == 1) && (bigIntExp > -expBias) ){
+                    if ( (bigIntNBits == 1) && (bigIntExp > -expBias+1) ){
+                         // candidate is a normalized exact power of 2 and
+                         // is too big. We will be subtracting.
+                         // For our purposes, ulp is the ulp of the
--- a/java/openjdk7/Makefile
+++ b/java/openjdk7/Makefile
@ -7,6 +7,7 @@

 PORTNAME=	openjdk
 PORTVERSION=	${JDK_MAJOR_VERSION}.${JDK_MINOR_VERSION}.${JDK_BUILD_NUMBER}
+PORTREVISION=	1
 CATEGORIES=	java devel
 MASTER_SITES=	http://download.java.net/openjdk/jdk7/promoted/b${JDK_BUILD_NUMBER}/ \
 		https://jaxp.dev.java.net/files/documents/913/152561/:jaxp \
--- a/java/openjdk7/files/patch-FloatingDecimal.java
+++ b/java/openjdk7/files/patch-FloatingDecimal.java
@ -0,0 +1,11 @@
+--- jdk/src/share/classes/sun/misc/FloatingDecimal.java.orig	2010-06-21 14:15:30.000000000 -0700
+++ jdk/src/share/classes/sun/misc/FloatingDecimal.java	2011-02-08 22:30:49.000000000 -0800
+@@ -1547,7 +1547,7 @@
+                 if ( (cmpResult = bigB.cmp( bigD ) ) > 0 ){
+                     overvalue = true; // our candidate is too big.
+                     diff = bigB.sub( bigD );
+-                    if ( (bigIntNBits == 1) && (bigIntExp > -expBias) ){
+                    if ( (bigIntNBits == 1) && (bigIntExp > -expBias+1) ){
+                         // candidate is a normalized exact power of 2 and
+                         // is too big. We will be subtracting.
+                         // For our purposes, ulp is the ulp of the