Raif S. Naffah wrote: > On Monday 04 September 2006 20:40, Jeroen Frijters wrote: > > ... > > ...*All* native method calls that use the > > native_ptr need to be synchronized. > > i'm sorry but it is still not obvious to me why this should > be so. every instance of a BigInteger has its own value of > native_ptr. what are we protecting by synchronizing the > methods?
The case where an attacker calls finalize *while* the native code is currently running and manipulating the data structure that is being freed at the same time by the finalize method. Regards, Jeroen