src/java.base/unix/native/libjava/TimeZone_md.c

rev 15588 : 8165936: Potential Heap buffer overflow when seaching timezone info files
Summary: readdir_r called with too small buffer
Reviewed-by:

*** 132,142 ****
      dirp = opendir(dir);
      if (dirp == NULL) {
          return NULL;
      }
  
!     entry = (struct dirent64 *) malloc((size_t) pathconf(dir, _PC_NAME_MAX));
      if (entry == NULL) {
          (void) closedir(dirp);
          return NULL;
      }
  
--- 132,155 ----
      dirp = opendir(dir);
      if (dirp == NULL) {
          return NULL;
      }
  
!     long name_max = pathconf(dir, _PC_NAME_MAX);
!     // If pathconf did not work, fall back to NAME_MAX.
!     if (name_max < 0) {
!       name_max = NAME_MAX;
!     }
!     // Some older System V systems have a very small NAME_MAX size of 14; as
!     // there is no way to tell readdir_r the output buffer size, lets enforce
!     // a mimimum buffer size.
!     const long min = 1024;
!     if (name_max < min) {
!       name_max = min;
!     }
! 
!     entry = (struct dirent64 *) malloc(offsetof(struct dirent, d_name) + name_max + 1);
      if (entry == NULL) {
          (void) closedir(dirp);
          return NULL;
      }