RFR 8037274 : sun.tools.attach.WindowsVirtualMachine#createPipe() needs more descriptive message when pipe creation fails
Daniel D. Daugherty
daniel.daugherty at oracle.com
Fri Mar 14 15:40:11 UTC 2014
On 3/14/14 9:28 AM, Alan Bateman wrote:
> On 14/03/2014 15:21, Jaroslav Bachorik wrote:
>>
>> Like this?
>> http://cr.openjdk.java.net/~jbachorik/8037274/webrev.03
> This looks okay and I assume you've tested this to ensure that the
> exception has the message. A minor comment is that we prefer snprintf
> over sprintf but the buffer is very over sized here so not an issue.
>
> -Alan
I think some of the static security analysis tools will flag use of
sprintf() as something that needs to be investigated. Probablybetter
to switch to snprintf() to avoid false reports.
Dan
P.S.
I _think_ parfait is smart enough not to do this but other
static analysis tools may not be.
More information about the serviceability-dev
mailing list