Hi Alan: > Tim - do you mind reviewing this one? Sure.
> The issue as you know, arises > when the debuggee is connected to something that isn't a debugger and > the handshake fails. The transport code writes the error message into a > buffer on the stack that isn't sized correctly and so can trash the > stack. After reviewing your fix, I am amazed this test failed on only one platform instead of all eight. > http://cr.openjdk.java.net/~alanb/6432567/webrev.00/ > [1] https://bugs.openjdk.java.net/show_bug.cgi?id=100103 Instead of: 174 sprintf(msg, "handshake failed - received >%s< - expected >%s<", b, hello); How about: 174 snprintf(msg, sizeof(msg), "handshake failed - received >%s< - expected >%s<", b, hello); as Kelly suggested, and was also suggested on this email thread; http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2009-August/007016.html Recent compilers from Microsoft and others emit warnings when they find use of old 'unsafe' strcat() and sprintf(), so it would be good to eliminate one while we have the chance. Our build logs already have too many warnings in them... I'll be glad to help with additional building and testing if you would like. Thanks- Tim
