[Mono-bugs] [Bug 66735][Nor] New - Remove lock(typeof(T)) pattern from libraries
bugzilla-daemon@bugzilla.ximian.com
bugzilla-daemon@bugzilla.ximian.com
Thu, 23 Sep 2004 13:45:19 -0400 (EDT)
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by lupus@ximian.com.
http://bugzilla.ximian.com/show_bug.cgi?id=66735
--- shadow/66735 2004-09-23 13:45:19.000000000 -0400
+++ shadow/66735.tmp.18562 2004-09-23 13:45:19.000000000 -0400
@@ -0,0 +1,27 @@
+Bug#: 66735
+Product: Mono: Class Libraries
+Version: unspecified
+OS: All
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Normal
+Component: CORLIB
+AssignedTo: mono-bugs@ximian.com
+ReportedBy: lupus@ximian.com
+QAContact: mono-bugs@ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: Remove lock(typeof(T)) pattern from libraries
+
+We need to remove the usage of the lock(typeof(T)) pattern
+from our libraries: it allows malicious users to deadlock the runtime.
+The pattern should be replaced with a lock on a static object field
+used for just this purpouse (note an object of type object should be used,
+not a string which has the same issues as typeof).
+Likely a tool should be developed that catches this and it should be run
+periodically on the whole repository.
+This is a good janitorial-like job for people who want to start
+contributing to mono.