[Yanel-dev] FYI: Floating point bug in Java

Michael Wechner michael.wechner at wyona.com
Wed Feb 9 22:54:08 CET 2011


Hi Cedric

Thanks very much for pointing this out.

Michael

On 2/9/11 3:51 PM, Cedric Staub wrote:
> Hello there
>
> It looks like Java has a bug that can cause it to enter an endless loop
> when one tries to convert a specific string literal to a double:
> http://www.h-online.com/open/news/item/Oracle-warns-of-Java-vulnerability-1186135.html
>
> This can actually be used to launch a denial of service attack against
> Tomcat if the attacker sends an especially-crafted header, and the
> servlet happens to use the getLocale() or getLocales() functions.
>
> However, it looks like Yanel is safe because it doesn't rely on those
> functions to parse the header and parses it itself instead. I checked
> the code where this happens, and Yanel never tries to convert a string
> into a double. So my attempts to crash my own host have been futile
> so far, which is a good thing ;-).
>
> However, you may still want to apply Oracle's fix for the issue:
> http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html
>
> Cheers,
> Cedric



More information about the Yanel-development mailing list