This is the mail archive of the
java-patches@gcc.gnu.org
mailing list for the Java project.
Re: Patch: rewrite File.toCanonicalPath() for GNU/Posix systems
- From: Tom Tromey <tromey at redhat dot com>
- To: Gary Benson <gbenson at redhat dot com>
- Cc: java-patches at gcc dot gnu dot org
- Date: 05 Apr 2006 15:53:39 -0600
- Subject: Re: Patch: rewrite File.toCanonicalPath() for GNU/Posix systems
- References: <20060403123246.GA5292@redhat.com>
- Reply-to: tromey at redhat dot com
>>>>> "Gary" == Gary Benson <gbenson@redhat.com> writes:
Gary> The diff of the method itself is not particularly legible, so I've
Gary> attached a copy of the new method as well.
This is looking good.
I had a couple of questions though.
First:
- // Special case: treat "" the same as ".".
- if (total == 0)
- buf[total++] = '.';
Is this now handled some other way? I didn't try to trace through the
logic. I forget if there is a test for this... if not there ought to
be.
Gary> // Unlike other JVMs we do not rewind past the root
Gary> // directory. I can't see any legitimate reason why you
Gary> // would want this, and chopping off bits of path seems
Gary> // like a sure-fire way to introduce vulnerabilities.
I'm curious about this. It seems a bit weird that it would be valid
to try to open "../../../foo" but not to get the canonical path name
of that same file.
Tom