bug-classpath
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug classpath/29499] New: [security] MappedByteBuffer & DirectByteBuffe


From: jeroen at frijters dot net
Subject: [Bug classpath/29499] New: [security] MappedByteBuffer & DirectByteBufferImpl incorrectly use finalize to clean up
Date: 18 Oct 2006 14:57:33 -0000

Both MappedByteBuffer and DirectByteBufferImpl use a finalize() method to free
the native memory, this is a potential security risk, because finalization does
not guarantee that an object is no longer reachable (it can still be
resurrected from another finalizer).

The proper way to handle clean up is by using a PhantomReference and a
ReferenceQueue.


-- 
           Summary: [security] MappedByteBuffer & DirectByteBufferImpl
                    incorrectly use finalize to clean up
           Product: classpath
           Version: 0.93
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: classpath
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: jeroen at frijters dot net


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29499





reply via email to

[Prev in Thread] Current Thread [Next in Thread]