Andrew John Hughes wrote:
:
> Isn't there some way to test for snprintf and use it on platforms that
> aren't broken? It seems a bad idea to leave a potential security hole
> open for the sake of one legacy platform. snprintf is part of C99
> according to its manpage, so it should be available on all compilers
> that implement this standard.
>
> This is one reason why it would be better if OpenJDK used autoconf; it
> has a test for this exact issue, but sadly that needs to be run prior
> to the build.

Windows is indeed a pain. If this were library code then we could use
jio_snprintf but this is a debugger transport library that shouldn't
need to be linked to the VM. As I said, we could put in platform
dependent code for this - it's not hard, just didn't seem to be worth it
for this one case. You are right, that if someone were to increase the
message without resizing the buffer then we'd have the buffer overflow
issue back again. So if folks feel strongly about this, then I can do
this so that we are using snprintf/equivalent. Alternatively, we simply
change this to return a generic message (like "handshake failed - the
peer is not a debugger") and skip printing the bytes received from the
unrecognized peer.

Moving to an autoconf build is a significant project - that's something
for build-dev.

-Alan.
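
The two options discussed in this message (platform-dependent bounded formatting, and a generic message with no peer bytes) can be combined. The following is an added example, not code from the OpenJDK transport library: the function names and the "received:" prefix are constructed for illustration, and the generic text is the one quoted in the message above.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define GENERIC_MSG "handshake failed - the peer is not a debugger"

/* Hypothetical helper: never writes more than size bytes, always
 * NUL-terminates. Returns 0 if the text fit, -1 if it was truncated. */
static int bounded_format(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (size == 0)
        return -1;
    va_start(ap, fmt);
#if defined(_MSC_VER) && _MSC_VER < 1900
    /* Pre-C99 MSVC runtime: _vsnprintf returns a negative value on
     * truncation and does not terminate, so terminate by hand. */
    n = _vsnprintf(buf, size - 1, fmt, ap);
    buf[size - 1] = '\0';
#else
    /* C99: terminates and returns the length that was needed. */
    n = vsnprintf(buf, size, fmt, ap);
#endif
    va_end(ap);
    return (n < 0 || (size_t)n >= size) ? -1 : 0;
}

/* Hypothetical caller. Returns 0 with the peer's bytes shown as hex (so
 * untrusted bytes cannot put control characters into the message), 1 after
 * falling back to the generic message, -1 if even that does not fit. */
static int handshake_error(char *msg, size_t size,
                           const unsigned char *peer, size_t peer_len)
{
    size_t i, used;
    int ok = bounded_format(msg, size, "handshake failed - received: ");

    for (i = 0; ok == 0 && i < peer_len; i++) {
        used = strlen(msg);
        ok = bounded_format(msg + used, size - used, "%02x", peer[i]);
    }
    if (ok == 0)
        return 0;
    return bounded_format(msg, size, "%s", GENERIC_MSG) == 0 ? 1 : -1;
}
```

Because truncation is reported instead of ignored, lengthening the message later without resizing the buffer degrades to the generic text rather than overflowing.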