[Mono-bugs] [Bug 81860][Maj] New - RuntimeHelpers.InitializeArray() is completely broken
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Tue Jun 12 02:51:56 EDT 2007
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by jeroen at sumatra.nl.
http://bugzilla.ximian.com/show_bug.cgi?id=81860
--- shadow/81860 2007-06-12 02:51:56.000000000 -0400
+++ shadow/81860.tmp.10285 2007-06-12 02:51:56.000000000 -0400
@@ -0,0 +1,26 @@
+Bug#: 81860
+Product: Mono: Runtime
+Version: 1.2
+OS: other
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Major
+Component: misc
+AssignedTo: mono-bugs at ximian.com
+ReportedBy: jeroen at sumatra.nl
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: RuntimeHelpers.InitializeArray() is completely broken
+
+ves_icall_System_Runtime_CompilerServices_RuntimeHelpers_InitializeArray
+() needs more checks.
+
+It should check:
+- whether the field has an RVA.
+- the size of the field before blindly copying the data.
+- that the destination array type doesn't contain references, the current
+behavior is a security hole.
More information about the mono-bugs
mailing list