# HG changeset patch
# User never
# Date 1292397420 28800
# Node ID 781072b12368ffddb29773d57e5ecc55e23bb1a9
# Parent 7737fa7ec2b594e403734e6d30d6ba0123124643
6765546: Wrong sscanf used to parse CompilerOracle command >= 32 characters could lead to crash
Reviewed-by: kvn, iveresov
diff -r 7737fa7ec2b5 -r 781072b12368 src/share/vm/compiler/compilerOracle.cpp
--- a/src/share/vm/compiler/compilerOracle.cpp Tue Dec 14 12:44:30 2010 -0800
+++ b/src/share/vm/compiler/compilerOracle.cpp Tue Dec 14 23:17:00 2010 -0800
@@ -332,7 +332,7 @@
 "command_names size mismatch");
 *bytes_read = 0;
- char command[32];
+ char command[33];
 int result = sscanf(line, "%32[a-z]%n", command, bytes_read);
 for (uint i = 0; i < ARRAY_SIZE(command_names); i++) {
 if (strcmp(command, command_names[i]) == 0) {
@@ -470,6 +470,12 @@
 OracleCommand command = parse_command_name(line, &bytes_read);
 line += bytes_read;
+ if (command == UnknownCommand) {
+ tty->print_cr("CompilerOracle: unrecognized line");
+ tty->print_cr(" \"%s\"", original_line);
+ return;
+ }
+
 if (command == QuietCommand) {
 _quiet = true;
 return;
@@ -498,7 +504,7 @@
 line += bytes_read;
 // there might be a signature following the method.
 // signatures always begin with ( so match that by hand
- if (1 == sscanf(line, "%*[ \t](%254[);/" RANGEBASE "]%n", sig + 1, &bytes_read)) {
+ if (1 == sscanf(line, "%*[ \t](%254[[);/" RANGEBASE "]%n", sig + 1, &bytes_read)) {
 sig[0] = '(';
 line += bytes_read;
 signature = oopFactory::new_symbol_handle(sig, CHECK);
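Review bot: `command` is still uninitialized when `sscanf` matches nothing (a line that does not start with a lowercase letter), so the `strcmp` loop directly below reads indeterminate stack bytes, and `result` is never consulted in the lines shown. Initialising the buffer with `char command[33] = "";`, or bailing out before the loop with `if (result != 1) return UnknownCommand;`, would make the no-match case deterministic. The new `UnknownCommand` check in the hunk at line 470 relies on that outcome. The size 33 and the `%32` width are tied together only by convention, so a comment such as `// %32[a-z] stores up to 32 chars, +1 for the terminating NUL` would keep them in step. The enclosing function starts and ends outside this hunk, so its return value on no match is inferred rather than visible.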
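Review bot: The `%254[...]` conversion writes through `sig + 1`, so `sig` must hold at least 256 bytes ('(' prefix, up to 254 scanned characters, and the NUL). This is the same width-versus-buffer mismatch the changeset fixes for `command`, and `sig` is declared outside the hunk, so its size should be confirmed. A comment at the call, e.g. `// sig needs 1 + 254 + 1 bytes: '(' prefix, scanned text, NUL`, would keep the two in step. The scanset change itself deserves a short why-comment, e.g. `// '[' admits array types in the signature`, because a leading `[` inside a scanset is easy to misread as a typo.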