This is the mail archive of the
java-patches@gcc.gnu.org
mailing list for the Java project.
Patch: FYI: fix PR libgcj/24170
- From: Tom Tromey <tromey at redhat dot com>
- To: GCJ-patches <java-patches at gcc dot gnu dot org>
- Date: Wed, 20 Feb 2008 11:21:42 -0700
- Subject: Patch: FYI: fix PR libgcj/24170
- Reply-to: Tom Tromey <tromey at redhat dot com>
PR libgcj/24170 concerns a potential security hole involving the use
of pathconf and readdir_r.
My recollection here is that back in ancient times when I wrote this,
I misunderstood the thread-safety aspects of readdir and thought that
we needed readdir_r. However, that is not the case. readdir_r is
only needed if multiple threads are trying to use the same directory
handle at the same time -- which is not what we do.
This patch solves the problem by deleting the readdir_r code.
Tom
ChangeLog:
2008-02-20 Tom Tromey <tromey@redhat.com>
PR libgcj/24170:
* java/io/natFilePosix.cc (File::performList): Don't use
readdir_r.
* configure, include/config.h.in: Rebuilt.
* configure.ac: Don't check for readdir_r.
Index: configure.ac
===================================================================
--- configure.ac (revision 132440)
+++ configure.ac (working copy)
@@ -1023,7 +1023,7 @@
PLATFORMNET=NoNet
else
AC_CHECK_FUNCS([strerror_r select fstat open fsync sleep opendir \
- localtime_r readdir_r getpwuid_r getcwd \
+ localtime_r getpwuid_r getcwd \
access stat lstat mkdir rename rmdir unlink utime chmod readlink \
nl_langinfo setlocale \
inet_pton uname inet_ntoa \
Index: java/io/natFilePosix.cc
===================================================================
--- java/io/natFilePosix.cc (revision 132440)
+++ java/io/natFilePosix.cc (working copy)
@@ -1,6 +1,6 @@
// natFile.cc - Native part of File class for POSIX.
-/* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2006
+/* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2006, 2008
Free Software Foundation
This file is part of libgcj.
@@ -292,13 +292,7 @@
java::util::ArrayList *list = new java::util::ArrayList ();
struct dirent *d;
-#if defined(HAVE_READDIR_R) && defined(_POSIX_PTHREAD_SEMANTICS)
- int name_max = pathconf (buf, _PC_NAME_MAX);
- char dbuf[sizeof (struct dirent) + name_max + 1];
- while (readdir_r (dir, (struct dirent *) dbuf, &d) == 0 && d != NULL)
-#else /* HAVE_READDIR_R */
while ((d = readdir (dir)) != NULL)
-#endif /* HAVE_READDIR_R */
{
// Omit "." and "..".
if (d->d_name[0] == '.'