[jruby-dev] [jira] Created: (JRUBY-5502) RubyUNIXSocket#recvfrom overflows temporary buffer

Wayne Meissner (JIRA) Mon, 14 Feb 2011 00:13:36 -0800

RubyUNIXSocket#recvfrom overflows temporary buffer
--------------------------------------------------


                 Key: JRUBY-5502
                 URL: http://jira.codehaus.org/browse/JRUBY-5502
             Project: JRuby
          Issue Type: Bug
          Components: Extensions
    Affects Versions: JRuby 1.6RC2, JRuby 1.6RC1, JRuby 1.5.6
            Reporter: Wayne Meissner
            Assignee: Wayne Meissner
            Priority: Blocker
             Fix For: JRuby 1.6RC3


org.jruby.ext.socket.RubyUnixSocket#recvfrom() allocates a fixed size native 
buffer of 1024 bytes, but then proceeds to read however many bytes the caller 
requested into that buffer.

so, a call of e.g. recvfrom(2048) could overflow the temporary buffer and crash 
the VM.



-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email

[jruby-dev] [jira] Created: (JRUBY-5502) RubyUNIXSocket#recvfrom overflows temporary buffer

Reply via email to