From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <java-prs-return-6873-listarch-java-prs=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 2957 invoked by alias); 2 Oct 2005 23:28:15 -0000
Mailing-List: contact java-prs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Subscribe: <mailto:java-prs-subscribe@gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/java-prs/>
List-Post: <mailto:java-prs@gcc.gnu.org>
List-Help: <mailto:java-prs-help@gcc.gnu.org>, <http://gcc.gnu.org/ml/#faqs>
Sender: java-prs-owner@gcc.gnu.org
Received: (qmail 2937 invoked by uid 48); 2 Oct 2005 23:28:14 -0000
Date: Sun, 02 Oct 2005 23:28:00 -0000
Message-ID: <20051002232814.2936.qmail@sourceware.org>
X-Bugzilla-Reason: CC
References: <bug-24170-7172@http.gcc.gnu.org/bugzilla/>
Subject: [Bug libgcj/24170] natFilePosix.cc seems to have a security problem
In-Reply-To: <bug-24170-7172@http.gcc.gnu.org/bugzilla/>
Reply-To: gcc-bugzilla@gcc.gnu.org
To: java-prs@gcc.gnu.org
From: "pinskia at gcc dot gnu dot org" <gcc-bugzilla@gcc.gnu.org>
X-SW-Source: 2005-q4/txt/msg00015.txt.bz2
List-Id: <java-prs.sourceware.org>



------- Comment #3 from pinskia at gcc dot gnu dot org  2005-10-02 23:28 -------
But from the sound of this, this is a bug in readdir_r and not fully in libgcj.

Yes libgcj should be testing the return value of pathconf but I assume from
reading the man pages of pathconf and readdir_r, there should be no problem.


-- 

pinskia at gcc dot gnu dot org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|[SECURITY] readdir_r        |natFilePosix.cc seems to
                   |considered harmful          |have a security problem


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=24170