. Fix infinite loop in parsing certain doubles. See CVE-2010-4476.

2 files changed, 12 insertions, 1 deletions

diff --git a/java/jdk15/Makefile b/java/jdk15/Makefile
index 6f243b05b89d..f9dd5f714303 100644
--- a/java/jdk15/Makefile
+++ b/java/jdk15/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	jdk
 PORTVERSION=	${JDK_VERSION}.${JDK_UPDATE_VERSION}p${JDK_PATCHSET_VERSION}
-PORTREVISION=	9
+PORTREVISION=	10
 PORTEPOCH=	1
 CATEGORIES=	java devel
 MASTER_SITES=	# http://download.java.net/tiger/
diff --git a/java/jdk15/files/patch-FloatingDecimal.java b/java/jdk15/files/patch-FloatingDecimal.java
new file mode 100644
index 000000000000..6141b18cb7eb
--- /dev/null
+++ b/java/jdk15/files/patch-FloatingDecimal.java
@@ -0,0 +1,11 @@
+--- ../../j2se/src/share/classes/sun/misc/FloatingDecimal.java.orig	2011-02-08 21:47:56.000000000 -0800
++++ ../../j2se/src/share/classes/sun/misc/FloatingDecimal.java	2011-02-08 21:48:18.000000000 -0800
+@@ -1529,7 +1529,7 @@
+ 		if ( (cmpResult = bigB.cmp( bigD ) ) > 0 ){
+ 		    overvalue = true; // our candidate is too big.
+ 		    diff = bigB.sub( bigD );
+-		    if ( (bigIntNBits == 1) && (bigIntExp > -expBias) ){
++		    if ( (bigIntNBits == 1) && (bigIntExp > -expBias+1) ){
+ 			// candidate is a normalized exact power of 2 and
+ 			// is too big. We will be subtracting.
+ 			// For our purposes, ulp is the ulp of the