Minor com.sun.jndi.dns cleanup
Alan Bateman
Alan.Bateman at oracle.com
Mon Feb 17 19:47:16 UTC 2014
On 17/02/2014 16:22, Florian Weimer wrote:
>
> Mailman ate the attachment, so I put it up here:
>
> <http://fweimer.fedorapeople.org/openjdk/jndi-dns-loop/>
>
> Note that other implementations fixed this as CVE-2000-0333 a long
> time ago, but due to the lack of tail call optimization and reliable
> stack overflow detection, this is currently not a security
> vulnerability in OpenJDK (not even an endless loop).
>
This looks good to me. I just wonder if InvalidNameException is the
right NamingException for this case. Would CommunicationException with
an IOException as cause be more suitable?
For the test then we need to add a @bug line with a bug for this (I'll
create a bug). A the test is a negative test then maybe ParsingErrors
might be be a better name.
-Alan.
More information about the core-libs-dev
mailing list