perfMemory_bsd.cpp get_user_name_slow misses check ?
Baesken, Matthias
matthias.baesken at sap.com
Mon Feb 3 14:02:54 UTC 2020
Hello, I noticed that perfMemory_bsd.cpp function
static char* get_user_name_slow(int vmid, TRAPS)
misses the
// Since we don't create the backing store files in directories
// pointed to by symbolic links, we also don't follow them when
// looking for the files. We check for a symbolic link after the
// call to opendir in order to eliminate a small window where the
// symlink can be exploited.
//
if (!is_directory_secure(usrdir_name)) {
FREE_C_HEAP_ARRAY(char, usrdir_name);
os::closedir(subdirp);
continue;
}
Check that aix/linux/solaris have .
Should this be added ?
Best Regards, Matthias
More information about the hotspot-dev
mailing list