Two questions

Tom Tromey
Fri Feb 1 23:51:00 GMT 2002

Right now has code like this throughout:

  char buf[MAXPATHLEN];
  jsize total = JvGetStringUTFRegion (path, 0, path->length(), buf);
  buf[total] = '\0';

This is pretty bad.  What if the UTF-8 encoded `path' is longer than
MAXPATHLEN?  Security hole!

I was about to fix this when I thought: maybe we should take this
opportunity to use `file.encoding' as the encoding for file names.
However, I'm reluctant to do this without knowing whether it is really
the correct thing to do.  Does anyone have a definitive answer?


More information about the Java mailing list