@@ -21,6 +21,7 @@ PATCHES_URI = "\
file://2007-jdk-no-genx11-in-headless.patch \
file://2008-jdk-no-unused-deps.patch \
file://2009-jdk-make-use-gcc-instead-of-ld-for-genSocketOptionRe.patch \
+ file://CVE-2022-34169.patch \
"
HOTSPOT_UB_PATCH = "\
file://1001-hotspot-fix-crash-on-JNI_CreateJavaVM.patch \
new file mode 100644
@@ -0,0 +1,111 @@
+From 41ef2b249073450172e11163a4d05762364b1297 Mon Sep 17 00:00:00 2001
+From: Joe Wang <joehw@openjdk.org>
+Date: Fri, 13 May 2022 02:02:26 +0000
+Subject: [PATCH] 8285407: Improve Xalan supports
+
+Reviewed-by: naoto, lancea, ahgross, rhalade
+Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
+
+CVE: CVE-2022-34169
+
+Upstream-Status: Backport [https://launchpadlibrarian.net/614309983/openjdk-8_8u342~b06-1_8u342-b07-1.diff.gz]
+---
+Index: openjdk/jaxp/src/com/sun/org/apache/bcel/internal/classfile/ConstantPool.java
+===================================================================
+--- a/jaxp/src/com/sun/org/apache/bcel/internal/classfile/ConstantPool.java
++++ b/jaxp/src/com/sun/org/apache/bcel/internal/classfile/ConstantPool.java
+@@ -1,6 +1,5 @@
+ /*
+- * reserved comment block
+- * DO NOT REMOVE OR ALTER!
++ * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ */
+ package com.sun.org.apache.bcel.internal.classfile;
+
+@@ -59,6 +58,7 @@ package com.sun.org.apache.bcel.internal
+ */
+
+ import com.sun.org.apache.bcel.internal.Constants;
++import com.sun.org.apache.bcel.internal.generic.ConstantPoolGen;
+ import java.io.*;
+
+ /**
+@@ -72,6 +72,7 @@ import java.io.*;
+ * @see Constant
+ * @see com.sun.org.apache.bcel.internal.generic.ConstantPoolGen
+ * @author <A HREF="mailto:markus.dahm@berlin.de">M. Dahm</A>
++ * @LastModified: May 2022
+ */
+ public class ConstantPool implements Cloneable, Node, Serializable {
+ private int constant_pool_count;
+@@ -226,9 +227,16 @@ public class ConstantPool implements Clo
+ */
+ public void dump(DataOutputStream file) throws IOException
+ {
+- file.writeShort(constant_pool_count);
++ /*
++ * Constants over the size of the constant pool shall not be written out.
++ * This is a redundant measure as the ConstantPoolGen should have already
++ * reported an error back in the situation.
++ */
++ int size = constant_pool_count < ConstantPoolGen.CONSTANT_POOL_SIZE - 1 ?
++ constant_pool_count : ConstantPoolGen.CONSTANT_POOL_SIZE - 1;
+
+- for(int i=1; i < constant_pool_count; i++)
++ file.writeShort(size);
++ for(int i=1; i < size; i++)
+ if(constant_pool[i] != null)
+ constant_pool[i].dump(file);
+ }
+Index: openjdk/jaxp/src/com/sun/org/apache/bcel/internal/generic/ConstantPoolGen.java
+===================================================================
+--- a/jaxp/src/com/sun/org/apache/bcel/internal/generic/ConstantPoolGen.java
++++ b/jaxp/src/com/sun/org/apache/bcel/internal/generic/ConstantPoolGen.java
+@@ -1,6 +1,5 @@
+ /*
+- * reserved comment block
+- * DO NOT REMOVE OR ALTER!
++ * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ */
+ package com.sun.org.apache.bcel.internal.generic;
+
+@@ -74,8 +73,10 @@ import java.util.HashMap;
+ *
+ * @author <A HREF="mailto:markus.dahm@berlin.de">M. Dahm</A>
+ * @see Constant
++ * @LastModified: May 2022
+ */
+ public class ConstantPoolGen implements java.io.Serializable {
++ public static final int CONSTANT_POOL_SIZE = 65536;
+ protected int size = 1024; // Inital size, sufficient in most cases
+ protected Constant[] constants = new Constant[size];
+ protected int index = 1; // First entry (0) used by JVM
+@@ -97,7 +98,7 @@ public class ConstantPoolGen implements
+ */
+ public ConstantPoolGen(Constant[] cs) {
+ if(cs.length > size) {
+- size = cs.length;
++ size = Math.min(cs.length, CONSTANT_POOL_SIZE);
+ constants = new Constant[size];
+ }
+
+@@ -170,10 +171,19 @@ public class ConstantPoolGen implements
+ /** Resize internal array of constants.
+ */
+ protected void adjustSize() {
++ // 3 extra spaces are needed as some entries may take 3 slots
++ if (index + 3 >= CONSTANT_POOL_SIZE) {
++ throw new RuntimeException("The number of constants " + (index + 3) +
++ " is over the size of the constant pool: " +
++ (CONSTANT_POOL_SIZE - 1));
++ }
++
+ if(index + 3 >= size) {
+ Constant[] cs = constants;
+
+ size *= 2;
++ // the constant array shall not exceed the size of the constant pool
++ size = Math.min(size, CONSTANT_POOL_SIZE);
+ constants = new Constant[size];
+ System.arraycopy(cs, 0, constants, 0, index);
+ }