------- Comment #7 from ben at decadentplace dot org dot uk  2005-11-10 11:33 -------
I have no interest in constructing buffer overflow exploits, but if someone
were to construct shell-code in a filename it should be possible to use it
against a privileged user of libgcj that reads user-specified directories, even
without different types of filesystem being mounted. If the directory is
specified by a path that includes a symbolic link, and the link is removed in
between gcj's opendir and pathconf calls, the pathconf call will fail and the
resulting buffer will be much too small (at least on Solaris and BeOS).


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=24170
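
The sizing failure described in the comment above, next to a checked form, as an added example that is not part of the original comment and is not libgcj's code. The function names are hypothetical, and the 255-byte floor and the `NAME_MAX` fallback are assumptions of this sketch.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>

/* Unchecked sizing (constructed illustration): a failed pathconf() returns -1,
 * so the result leaves no room at all for d_name. */
size_t unchecked_dirent_size(long name_max)
{
    return offsetof(struct dirent, d_name) + (size_t)name_max + 1;
}

/* Checked sizing: returns 0 when no safe size is known, so the caller
 * must fail instead of allocating. */
size_t checked_dirent_size(long name_max)
{
    if (name_max == -1) {            /* error, or no defined limit */
#ifdef NAME_MAX
        name_max = NAME_MAX;
#else
        return 0;
#endif
    }
    if (name_max < 255)
        name_max = 255;              /* floor against implausibly small answers */
    size_t need = offsetof(struct dirent, d_name) + (size_t)name_max + 1;
    return need < sizeof(struct dirent) ? sizeof(struct dirent) : need;
}

/* Ask about the directory that is actually open, not about the path,
 * so a symlink removed after opendir() cannot change the answer. */
size_t dirent_buf_size(DIR *dirp)
{
    return checked_dirent_size(fpathconf(dirfd(dirp), _PC_NAME_MAX));
}

int main(void)
{
    DIR *d = opendir(".");
    if (!d) return 1;
    printf("unchecked on failure: %zu bytes\n", unchecked_dirent_size(-1));
    printf("checked for \".\":      %zu bytes\n", dirent_buf_size(d));
    closedir(d);
    return 0;
}
```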
