This is the mail archive of the java-patches@gcc.gnu.org mailing list for the Java project.



Re: Patch: rewrite File.toCanonicalPath() for GNU/Posix systems


>>>>> "Gary" == Gary Benson <gbenson@redhat.com> writes:

Gary> The diff of the method itself is not particularly legible, so I've
Gary> attached a copy of the new method as well.

This is looking good.

I had a couple of questions though.

First:

-  // Special case: treat "" the same as ".".
-  if (total == 0)
-    buf[total++] = '.';
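
Review bot: the removed `if (total == 0)` branch was the explicit handling of the empty path, and nothing in the quoted lines shows what replaces it. If the rewritten method now covers "" somewhere else, a comment at that spot should say so, and a regression test should assert that canonicalizing "" gives the same result as canonicalizing ".".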

Is this now handled some other way?  I didn't try to trace through the
logic.  I forget if there is a test for this... if not there ought to
be.

Gary> 	      // Unlike other JVMs we do not rewind past the root
Gary> 	      // directory.  I can't see any legitimate reason why you
Gary> 	      // would want this, and chopping off bits of path seems
Gary> 	      // like a sure-fire way to introduce vulnerabilities.

I'm curious about this.  It seems a bit weird that it would be valid
to try to open "../../../foo" but not to get the canonical path name
of that same file.

Tom

