I had a quick browse through the Harmony SVN and spotted what appears to
be a vulnerability in the java.lang.ThreadLocal implementation. I have
briefly discussed this with Tim Ellison and Geir Magnusson Jr., off list
before posting here.
Harmony uses a per Thread HashMap (WeakHashMap in
Thomas Hawtin wrote:
I had a quick browse through the Harmony SVN and spotted what appears to
be a vulnerability in the java.lang.ThreadLocal implementation. I have
briefly discussed this with Tim Ellison and Geir Magnusson Jr., off list
before posting here.
Yep, and I'll say again publicly,
Tim Ellison wrote:
Thomas Hawtin wrote:
Some modern code,
such as I believe Spring, creates many ThreadLocal instances, so you may
wish to look further at quality of implementation issues.
Ack -- thanks. What do you call many? 100's? 1,000s? more?
Good question. Googling tends to just
I grok this. I have no problem.
geir
Tim Ellison wrote:
Thomas Hawtin wrote:
I had a quick browse through the Harmony SVN and spotted what appears to
be a vulnerability in the java.lang.ThreadLocal implementation. I have
briefly discussed this with Tim Ellison and Geir Magnusson Jr., off