Yoshiki, I had the same code and was scratching my head over it. I had forgotten that I had originally cloned the Windows logic. However when I was comparing to the unix code I decided to dump that code base and replace it with Ian's rewrite & Bert's modifications.
You might consider reviewing the unix code for isAccessiblePathName & etc so all VM have the same behaviour.
On 25-Aug-09, at 3:30 AM, Yoshiki Ohshima wrote:
static int isAccessiblePathName(TCHAR *pathName) { int i; /* Check if the path/file name is subdirectory of the image path */ for(i=0; i<lstrlen(untrustedUserDirectory)-1; i++) if(untrustedUserDirectory[i] != pathName[i]) return 0;
but this doesn't check the length of pathName so it can do out-of-bounds read-access for pathName. (it returns as soon as it sees a char that is not part of the legitimate path , but still...)
-- = = = ======================================================================== John M. McIntosh johnmci@smalltalkconsulting.com Twitter: squeaker68882 Corporate Smalltalk Consulting Ltd. http://www.smalltalkconsulting.com = = = ========================================================================