subject:"\[jira\] \[Updated\] \(MESOS\-1355\) Use of untrusted string value in jvm.cpp"

[jira] [Updated] (MESOS-1355) Use of untrusted string value in jvm.cpp

2014-11-10 Thread Dominic Hamon (JIRA)


 [ 
https://issues.apache.org/jira/browse/MESOS-1355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dominic Hamon updated MESOS-1355:
-
Labels: coverity security  (was: coverity)

> Use of untrusted string value in jvm.cpp
> 
>
> Key: MESOS-1355
> URL: https://issues.apache.org/jira/browse/MESOS-1355
> Project: Mesos
>  Issue Type: Bug
>Reporter: Niklas Quarfot Nielsen
>  Labels: coverity, security
>
> 
> *** CID 1213892:  Use of untrusted string value  (TAINTED_STRING)
> /src/jvm/jvm.cpp: 66 in Jvm::create(const std::vector std::char_traits, std::allocator>, 
> std::allocator, 
> std::allocator>>> &, JNI::Version, bool)()
> 60   std::string libJvmPath = os::getenv("JAVA_JVM_LIBRARY", false);
> 61
> 62   if (libJvmPath.empty()) {
> 63 libJvmPath = mesos::internal::build::JAVA_JVM_LIBRARY;
> 64   }
> 65
> >>> CID 1213892:  Use of untrusted string value  (TAINTED_STRING)
> >>> Passing tainted string "libJvmPath.c_str()" to "dlopen(char const *, 
> >>> int)", which cannot accept tainted data.
> 66   void* handle = dlopen(libJvmPath.c_str(), RTLD_NOW);
> 67
> 68   if (handle == NULL) {
> 69 return Error(dlerror());
> 70   }
> 71



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (MESOS-1355) Use of untrusted string value in jvm.cpp

2014-08-01 Thread Dominic Hamon (JIRA)


 [ 
https://issues.apache.org/jira/browse/MESOS-1355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dominic Hamon updated MESOS-1355:
-

Issue Type: Bug  (was: Technical task)
Parent: (was: MESOS-1351)

> Use of untrusted string value in jvm.cpp
> 
>
> Key: MESOS-1355
> URL: https://issues.apache.org/jira/browse/MESOS-1355
> Project: Mesos
>  Issue Type: Bug
>Reporter: Niklas Quarfot Nielsen
>  Labels: coverity
>
> 
> *** CID 1213892:  Use of untrusted string value  (TAINTED_STRING)
> /src/jvm/jvm.cpp: 66 in Jvm::create(const std::vector std::char_traits, std::allocator>, 
> std::allocator, 
> std::allocator>>> &, JNI::Version, bool)()
> 60   std::string libJvmPath = os::getenv("JAVA_JVM_LIBRARY", false);
> 61
> 62   if (libJvmPath.empty()) {
> 63 libJvmPath = mesos::internal::build::JAVA_JVM_LIBRARY;
> 64   }
> 65
> >>> CID 1213892:  Use of untrusted string value  (TAINTED_STRING)
> >>> Passing tainted string "libJvmPath.c_str()" to "dlopen(char const *, 
> >>> int)", which cannot accept tainted data.
> 66   void* handle = dlopen(libJvmPath.c_str(), RTLD_NOW);
> 67
> 68   if (handle == NULL) {
> 69 return Error(dlerror());
> 70   }
> 71



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Updated] (MESOS-1355) Use of untrusted string value in jvm.cpp

[jira] [Updated] (MESOS-1355) Use of untrusted string value in jvm.cpp

2 matches

Site Navigation

Mail list logo

Footer information