. Fix infinite loop in parsing certain doubles. See CVE-2010-4476.

8 files changed, 48 insertions, 3 deletions

diff --git a/java/jdk15/Makefile b/java/jdk15/Makefile
index 6f243b05b89d..f9dd5f714303 100644
--- a/java/jdk15/Makefile
+++ b/java/jdk15/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	jdk
 PORTVERSION=	${JDK_VERSION}.${JDK_UPDATE_VERSION}p${JDK_PATCHSET_VERSION}
-PORTREVISION=	9
+PORTREVISION=	10
 PORTEPOCH=	1
 CATEGORIES=	java devel
 MASTER_SITES=	# http://download.java.net/tiger/
diff --git a/java/jdk15/files/patch-FloatingDecimal.java b/java/jdk15/files/patch-FloatingDecimal.java
new file mode 100644
index 000000000000..6141b18cb7eb
--- /dev/null
+++ b/java/jdk15/files/patch-FloatingDecimal.java
@@ -0,0 +1,11 @@
+--- ../../j2se/src/share/classes/sun/misc/FloatingDecimal.java.orig	2011-02-08 21:47:56.000000000 -0800
++++ ../../j2se/src/share/classes/sun/misc/FloatingDecimal.java	2011-02-08 21:48:18.000000000 -0800
+@@ -1529,7 +1529,7 @@
+ 		if ( (cmpResult = bigB.cmp( bigD ) ) > 0 ){
+ 		    overvalue = true; // our candidate is too big.
+ 		    diff = bigB.sub( bigD );
+-		    if ( (bigIntNBits == 1) && (bigIntExp > -expBias) ){
++		    if ( (bigIntNBits == 1) && (bigIntExp > -expBias+1) ){
+ 			// candidate is a normalized exact power of 2 and
+ 			// is too big. We will be subtracting.
+ 			// For our purposes, ulp is the ulp of the
diff --git a/java/jdk16/Makefile b/java/jdk16/Makefile
index 10666e268dd8..e07cafb1deb8 100644
--- a/java/jdk16/Makefile
+++ b/java/jdk16/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	jdk
 PORTVERSION=	${JDK_VERSION}.${JDK_UPDATE_VERSION}p${JDK_PATCHSET_VERSION}
-PORTREVISION=	20
+PORTREVISION=	21
 CATEGORIES=	java devel
 MASTER_SITES=	# http://download.java.net/jdk6/
 #		 http://www.eyesbeyond.com/freebsddom/java/jdk16.html
diff --git a/java/jdk16/files/patch-FloatingDecimal.java b/java/jdk16/files/patch-FloatingDecimal.java
new file mode 100644
index 000000000000..6141b18cb7eb
--- /dev/null
+++ b/java/jdk16/files/patch-FloatingDecimal.java
@@ -0,0 +1,11 @@
+--- ../../j2se/src/share/classes/sun/misc/FloatingDecimal.java.orig	2011-02-08 21:47:56.000000000 -0800
++++ ../../j2se/src/share/classes/sun/misc/FloatingDecimal.java	2011-02-08 21:48:18.000000000 -0800
+@@ -1529,7 +1529,7 @@
+ 		if ( (cmpResult = bigB.cmp( bigD ) ) > 0 ){
+ 		    overvalue = true; // our candidate is too big.
+ 		    diff = bigB.sub( bigD );
+-		    if ( (bigIntNBits == 1) && (bigIntExp > -expBias) ){
++		    if ( (bigIntNBits == 1) && (bigIntExp > -expBias+1) ){
+ 			// candidate is a normalized exact power of 2 and
+ 			// is too big. We will be subtracting.
+ 			// For our purposes, ulp is the ulp of the
diff --git a/java/openjdk6/Makefile b/java/openjdk6/Makefile
index 1b780cd79c3a..b49caca9b7fa 100644
--- a/java/openjdk6/Makefile
+++ b/java/openjdk6/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	openjdk6
 PORTVERSION=	b20
-PORTREVISION=	7
+PORTREVISION=	8
 CATEGORIES=	java devel
 MASTER_SITES=	http://download.java.net/openjdk/jdk6/promoted/${PORTVERSION}/ \
 		https://jaxp.dev.java.net/files/documents/913/150648/:jaxp \
diff --git a/java/openjdk6/files/patch-FloatingDecimal.java b/java/openjdk6/files/patch-FloatingDecimal.java
new file mode 100644
index 000000000000..23656900f75c
--- /dev/null
+++ b/java/openjdk6/files/patch-FloatingDecimal.java
@@ -0,0 +1,11 @@
+--- jdk/src/share/classes/sun/misc/FloatingDecimal.java.orig	2010-06-21 14:15:30.000000000 -0700
++++ jdk/src/share/classes/sun/misc/FloatingDecimal.java	2011-02-08 22:30:49.000000000 -0800
+@@ -1547,7 +1547,7 @@
+                 if ( (cmpResult = bigB.cmp( bigD ) ) > 0 ){
+                     overvalue = true; // our candidate is too big.
+                     diff = bigB.sub( bigD );
+-                    if ( (bigIntNBits == 1) && (bigIntExp > -expBias) ){
++                    if ( (bigIntNBits == 1) && (bigIntExp > -expBias+1) ){
+                         // candidate is a normalized exact power of 2 and
+                         // is too big. We will be subtracting.
+                         // For our purposes, ulp is the ulp of the
diff --git a/java/openjdk7/Makefile b/java/openjdk7/Makefile
index e1a94d12d704..d02311e64509 100644
--- a/java/openjdk7/Makefile
+++ b/java/openjdk7/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	openjdk
 PORTVERSION=	${JDK_MAJOR_VERSION}.${JDK_MINOR_VERSION}.${JDK_BUILD_NUMBER}
+PORTREVISION=	1
 CATEGORIES=	java devel
 MASTER_SITES=	http://download.java.net/openjdk/jdk7/promoted/b${JDK_BUILD_NUMBER}/ \
 		https://jaxp.dev.java.net/files/documents/913/152561/:jaxp \
diff --git a/java/openjdk7/files/patch-FloatingDecimal.java b/java/openjdk7/files/patch-FloatingDecimal.java
new file mode 100644
index 000000000000..23656900f75c
--- /dev/null
+++ b/java/openjdk7/files/patch-FloatingDecimal.java
@@ -0,0 +1,11 @@
+--- jdk/src/share/classes/sun/misc/FloatingDecimal.java.orig	2010-06-21 14:15:30.000000000 -0700
++++ jdk/src/share/classes/sun/misc/FloatingDecimal.java	2011-02-08 22:30:49.000000000 -0800
+@@ -1547,7 +1547,7 @@
+                 if ( (cmpResult = bigB.cmp( bigD ) ) > 0 ){
+                     overvalue = true; // our candidate is too big.
+                     diff = bigB.sub( bigD );
+-                    if ( (bigIntNBits == 1) && (bigIntExp > -expBias) ){
++                    if ( (bigIntNBits == 1) && (bigIntExp > -expBias+1) ){
+                         // candidate is a normalized exact power of 2 and
+                         // is too big. We will be subtracting.
+                         // For our purposes, ulp is the ulp of the