[patch] fix buffer overflow in debugger's socket handler
Andrew John Hughes
gnu_andrew at member.fsf.org
Thu Aug 27 16:03:50 PDT 2009
2009/8/27 Florian Weimer <fweimer at bfk.de>:
> * Andrew John Hughes:
>
>> Except that's not an upstream commit, just a webrev:
>> http://cr.openjdk.java.net/~alanb/6432567/webrev.00/
>
> Where has the webrev been posted?
>
Err... in the link above :)
If you mean where did I get the link, it's on the bug report Matthias
mentioned and is now being discussed on the serviceability list:
http://mail.openjdk.java.net/pipermail/serviceability-dev/2009-August/001403.html
> It really should use snprintf(), and the for loop could probably be
> replaced with strncmp()...
>
It seems the Sun engineers agree with you, as do I.
> --
> Florian Weimer <fweimer at bfk.de>
> BFK edv-consulting GmbH http://www.bfk.de/
> Kriegsstraße 100 tel: +49-721-96201-1
> D-76133 Karlsruhe fax: +49-721-96201-99
>
--
Andrew :-)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and the OpenJDK
http://www.gnu.org/software/classpath
http://openjdk.java.net
PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint: F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8
More information about the distro-pkg-dev
mailing list