Oh right, then it could get truncated, but should not overflow.
On Sat, Feb 27, 2021 at 7:15 PM Ioi Lam <ik...@openjdk.java.net> wrote:
> On Sat, 27 Feb 2021 05:19:01 GMT, Thomas Stuefe <stu...@openjdk.org>
> wrote:
>
> >> src/hotspot/share/memory/metaspaceShared.cpp line 799:
> >>
> >>> 797: if (strstr(file_name, ".jsa") == nullptr) {
> >>> 798: os::snprintf(filename, sizeof(filename), "%s.jsa",
> file_name);
> >>> 799: file = filename;
> >>
> >> This could potentially overflow the buffer. I think it's best to just
> leave `file_name` alone. If the user doesn't want the `.jsa` extension,
> that's fine. Similarly, we don't add `.jsa` to `-XX:ArchiveClassesAtExit`
> or `-XX:SharedArchiveFile`.
> >
> > How would it overflow? But I agree, I would not add jsa extension if the
> user did not specify one. I dislike when programs do that.
>
> `file_name` is user input that comes from the jcmd, so it can be
> arbitrarily long and exceed JVM_MAXPATHLEN characters.
>
> -------------
>
> PR: https://git.openjdk.java.net/jdk/pull/2737
>
