Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

8299677: Formatter.format might take a long time to format an integer or floating-point #1667

Closed
wants to merge 98 commits into from

Conversation

phohensee
Copy link
Member

@phohensee phohensee commented Jan 17, 2023

Simple almost clean backport of a potential DOS attack vector fix. Backport from JDK 17 (see openjdk/jdk17u-dev#1077) is clean. Copyright date conflict, plus changed

Flags.contains(f, Flags.ZERO_PAD)

to

f.contains(Flags.ZERO_PAD)

Passes new and old Formatter tests.


Progress

  • Change must be properly reviewed (1 review required, with at least 1 Reviewer)
  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue
  • JDK-8299677 needs maintainer approval

Issue

  • JDK-8299677: Formatter.format might take a long time to format an integer or floating-point (Bug - P4 - Approved)

Reviewers

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk11u-dev.git pull/1667/head:pull/1667
$ git checkout pull/1667

Update a local copy of the PR:
$ git checkout pull/1667
$ git pull https://git.openjdk.org/jdk11u-dev.git pull/1667/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 1667

View PR using the GUI difftool:
$ git pr show -t 1667

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk11u-dev/pull/1667.diff

Webrev

Link to Webrev Comment

@bridgekeeper
Copy link

bridgekeeper bot commented Jan 17, 2023

👋 Welcome back phh! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk openjdk bot changed the title Backport 33412c102ce799ff2de3512df77e6e07d76acd36 8299677: Formatter.format might take a long time to format an integer or floating-point Jan 17, 2023
@openjdk
Copy link

openjdk bot commented Jan 17, 2023

This backport pull request has now been updated with issue from the original commit.

@openjdk openjdk bot added backport rfr Pull request is ready for review labels Jan 17, 2023
@mlbridge
Copy link

mlbridge bot commented Jan 17, 2023

Webrevs

@phohensee
Copy link
Member Author

The pre-submit test failures occur because the new test, Padding.java, fails compilation by jtreg because Padding.java imports org.junit.jupiter. The latter is available in jtreg version 7.2, which I run on my test machines, but is not available in the version of jtreg used to run the pre-submit tests. The jtreg version used to run the pre-submit tests should be upgraded because otherwise backporting new tests will difficult/impossible without rewrites.

@bridgekeeper
Copy link

bridgekeeper bot commented Feb 24, 2023

@phohensee This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!

@phohensee
Copy link
Member Author

/open

@openjdk
Copy link

openjdk bot commented Feb 24, 2023

@phohensee This pull request is already open

mrserb and others added 18 commits February 27, 2023 22:18
…fails

Backport-of: 54a29a4470a0482c6b7f9f2d695e357044e684a7
…CompensatedSums.java

Backport-of: c08ff2c7b88e94885f6b4701654a9e47e49567b0
…used in TEST.properties

Backport-of: 04d8069bacc6259fc5bf9de6963bb099fcfc4961
Backport-of: b685fc2de4d2847de2d1efaab2890646257ea6d3
…86488.java fails

Backport-of: c640fe42c2b5e6668a2a875678be44443942c868
Reviewed-by: goetz
Backport-of: 0e98d6a81a395741f992df97d98b4e07679951ea
…dParameterException shown by sun/security/pkcs11 tests

Reviewed-by: phh
Backport-of: d5d34241e21305379f1858556f225e7645cd294e
Reviewed-by: phh
Backport-of: 1627166
Backport-of: 0cb0ecf4433f1054ba2f0fbdabee01323893e0fe
…Server cleanly in case of exceptions

Backport-of: 784fa0add77a3e473e2cdbdcc27b3ed076678565
…l size

Backport-of: a34f2d3728c077d1dbdfa313f1bf29629fbc32f6
Backport-of: decb1b79bc475f024a02135fa3394ff97098e758
Backport-of: 5ae6de859d472d107cdf642c417c6d2f1c74e5db
Backport-of: 5e2de89628aaf6acb8e458fb417426ca5e477bea
…nnectException

Backport-of: 13d4ddc35b1a64e2d882c7dcd554b5aee2720c53
@openjdk
Copy link

openjdk bot commented Feb 26, 2024

@phohensee This pull request is now open

@phohensee
Copy link
Member Author

/open

@openjdk
Copy link

openjdk bot commented Feb 27, 2024

@phohensee This pull request is already open

phohensee and others added 9 commits February 27, 2024 20:44
Reviewed-by: lucy
Backport-of: 2c2b3726f934d78ea044186320ef7c67b100ab8e
Reviewed-by: lucy
Backport-of: 1741d13b1260253d1e299e8da9c42b5519a7ae48
Backport-of: a2391a92cd09630cc3c46024f7e02924a997cc86
Backport-of: 42b9ac8a07b540f4d7955a778923d24a876451cc
…od 'ps_proc.c::process_get_lwp_regs'

Reviewed-by: fyang, gli
Backport-of: 2f1c65486b1e584f9c4a2eb7af2414d032a02748
Reviewed-by: phh
Backport-of: 951b5f8ecb9cd2a72b3904c110179afe487ada2b
Backport-of: 292ee630ae32c3b50363b10ffa6090e57ffef1e8
@shipilev
Copy link
Member

Now that #2612 is in, we can re-merge from master and finalize this backport.

Copy link
Member

@shipilev shipilev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks like a clean backport now.

@phohensee
Copy link
Member Author

Thanks for the quick review, Aleksey.

@phohensee
Copy link
Member Author

/approval request Simple clean (net of copyright date) backport from JDK 17 (in 17.0.10) of a potential DOS attack vector fix. New test passes.

@openjdk
Copy link

openjdk bot commented Apr 4, 2024

@phohensee
8299677: The approval request has been created successfully.

@openjdk openjdk bot added approval ready Pull request is ready to be integrated and removed approval labels Apr 4, 2024
@phohensee
Copy link
Member Author

/integrate

@openjdk
Copy link

openjdk bot commented Apr 4, 2024

Going to push as commit 9ac4063.

@openjdk openjdk bot added the integrated Pull request has been integrated label Apr 4, 2024
@openjdk openjdk bot closed this Apr 4, 2024
@openjdk openjdk bot removed ready Pull request is ready to be integrated rfr Pull request is ready for review labels Apr 4, 2024
@openjdk
Copy link

openjdk bot commented Apr 4, 2024

@phohensee Pushed as commit 9ac4063.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport integrated Pull request has been integrated
Development

Successfully merging this pull request may close these issues.