From da26b0d8785dbe4a0d10898e5863adff6fec79b7 Mon Sep 17 00:00:00 2001 From: Xueming Shen Date: Mon, 17 May 2010 16:18:13 -0700 Subject: [PATCH] 4853493: GZIPOutputStream passes a reference to a private array into an untrusted method Create a new header byte array for each header writeout Reviewed-by: martin --- .../java/util/zip/GZIPOutputStream.java | 27 +++++++++---------- 1 file changed, 12 insertions(+), 15 deletions(-) diff --git a/jdk/src/share/classes/java/util/zip/GZIPOutputStream.java b/jdk/src/share/classes/java/util/zip/GZIPOutputStream.java index 7f774961787..bcaad0150d3 100644 --- a/jdk/src/share/classes/java/util/zip/GZIPOutputStream.java +++ b/jdk/src/share/classes/java/util/zip/GZIPOutputStream.java @@ -179,22 +179,19 @@ class GZIPOutputStream extends DeflaterOutputStream { /* * Writes GZIP member header. */ - - private final static byte[] header = { - (byte) GZIP_MAGIC, // Magic number (short) - (byte)(GZIP_MAGIC >> 8), // Magic number (short) - Deflater.DEFLATED, // Compression method (CM) - 0, // Flags (FLG) - 0, // Modification time MTIME (int) - 0, // Modification time MTIME (int) - 0, // Modification time MTIME (int) - 0, // Modification time MTIME (int) - 0, // Extra flags (XFLG) - 0 // Operating system (OS) - }; - private void writeHeader() throws IOException { - out.write(header); + out.write(new byte[] { + (byte) GZIP_MAGIC, // Magic number (short) + (byte)(GZIP_MAGIC >> 8), // Magic number (short) + Deflater.DEFLATED, // Compression method (CM) + 0, // Flags (FLG) + 0, // Modification time MTIME (int) + 0, // Modification time MTIME (int) + 0, // Modification time MTIME (int) + 0, // Modification time MTIME (int) + 0, // Extra flags (XFLG) + 0 // Operating system (OS) + }); } /*