[Mono-bugs] [Bug 66735][Nor] New - Remove lock(typeof(T)) pattern from libraries

bugzilla-daemon@bugzilla.ximian.com bugzilla-daemon@bugzilla.ximian.com
Thu, 23 Sep 2004 13:45:19 -0400 (EDT)


Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by lupus@ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=66735

--- shadow/66735	2004-09-23 13:45:19.000000000 -0400
+++ shadow/66735.tmp.18562	2004-09-23 13:45:19.000000000 -0400
@@ -0,0 +1,27 @@
+Bug#: 66735
+Product: Mono: Class Libraries
+Version: unspecified
+OS: All
+OS Details: 
+Status: NEW   
+Resolution: 
+Severity: 
+Priority: Normal
+Component: CORLIB
+AssignedTo: mono-bugs@ximian.com                            
+ReportedBy: lupus@ximian.com               
+QAContact: mono-bugs@ximian.com
+TargetMilestone: ---
+URL: 
+Cc: 
+Summary: Remove lock(typeof(T)) pattern from libraries
+
+We need to remove the usage of the lock(typeof(T)) pattern
+from our libraries: it allows malicious users to deadlock the runtime.
+The pattern should be replaced with a lock on a static object field
+used for just this purpouse (note an object of type object should be used,
+not a string which has the same issues as typeof).
+Likely a tool should be developed that catches this and it should be run
+periodically on the whole repository.
+This is a good janitorial-like job for people who want to start
+contributing to mono.