Return-Path: X-Original-To: apmail-subversion-commits-archive@minotaur.apache.org Delivered-To: apmail-subversion-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 3FE8310DEF for ; Wed, 4 Sep 2013 03:58:49 +0000 (UTC) Received: (qmail 99368 invoked by uid 500); 4 Sep 2013 03:58:47 -0000 Delivered-To: apmail-subversion-commits-archive@subversion.apache.org Received: (qmail 99317 invoked by uid 500); 4 Sep 2013 03:58:34 -0000 Mailing-List: contact commits-help@subversion.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@subversion.apache.org Delivered-To: mailing list commits@subversion.apache.org Received: (qmail 99304 invoked by uid 99); 4 Sep 2013 03:58:28 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Sep 2013 03:58:28 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Sep 2013 03:58:27 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 2C0892388900; Wed, 4 Sep 2013 03:58:07 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1519913 - in /subversion/trunk/subversion/bindings/javahl/native: CreateJ.cpp JNIUtil.cpp Date: Wed, 04 Sep 2013 03:58:07 -0000 To: commits@subversion.apache.org From: brane@apache.org X-Mailer: svnmailer-1.0.9 Message-Id: <20130904035807.2C0892388900@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: brane Date: Wed Sep 4 03:58:06 2013 New Revision: 1519913 URL: http://svn.apache.org/r1519913 Log: Fix value truncation checks in JavaHL. * subversion/bindings/javahl/native/CreateJ.cpp (CreateJ::ClientNotifyInformation): Check for signed overflow. * subversion/bindings/javahl/native/JNIUtil.cpp (JNIUtil::handleSVNError): Likewise. Found by: philipm Modified: subversion/trunk/subversion/bindings/javahl/native/CreateJ.cpp subversion/trunk/subversion/bindings/javahl/native/JNIUtil.cpp Modified: subversion/trunk/subversion/bindings/javahl/native/CreateJ.cpp URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/bindings/javahl/native/CreateJ.cpp?rev=1519913&r1=1519912&r2=1519913&view=diff ============================================================================== --- subversion/trunk/subversion/bindings/javahl/native/CreateJ.cpp (original) +++ subversion/trunk/subversion/bindings/javahl/native/CreateJ.cpp Wed Sep 4 03:58:06 2013 @@ -858,7 +858,7 @@ CreateJ::ClientNotifyInformation(const s jlong jhunkModifiedLength = wcNotify->hunk_modified_length; jlong jhunkMatchedLine = wcNotify->hunk_matched_line; jint jhunkFuzz = static_cast(wcNotify->hunk_fuzz); - if (jhunkFuzz != wcNotify->hunk_fuzz) + if (jhunkFuzz < 0 || jhunkFuzz != wcNotify->hunk_fuzz) { env->ThrowNew(env->FindClass("java.lang.ArithmeticException"), "Overflow converting C svn_linenum_t to Java int"); Modified: subversion/trunk/subversion/bindings/javahl/native/JNIUtil.cpp URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/bindings/javahl/native/JNIUtil.cpp?rev=1519913&r1=1519912&r2=1519913&view=diff ============================================================================== --- subversion/trunk/subversion/bindings/javahl/native/JNIUtil.cpp (original) +++ subversion/trunk/subversion/bindings/javahl/native/JNIUtil.cpp Wed Sep 4 03:58:06 2013 @@ -663,7 +663,7 @@ void JNIUtil::handleSVNError(svn_error_t POP_AND_RETURN_NOTHING(); const jsize stSize = static_cast(newStackTrace.size()); - if (stSize != newStackTrace.size()) + if (stSize < 0 || stSize != newStackTrace.size()) { env->ThrowNew(env->FindClass("java.lang.ArithmeticException"), "Overflow converting C size_t to JNI jsize");