Unsynchronized Java IO method calls MT-unsafe readdir(), that could
cause heap corruption. readdir_r() should be used (or the method
should be made synchronized), though note there is an important
bug in the possible return values for readdir_r() - see BUGIDs
4616329, 4117832, 4152773. Also, 4329196 for readdir64_r().
See comments (and attachments) for specific call location and more
detail. Note that MT-unsafe getpwuid() is also called and should
also be fixed, but appears less likely to be invoked concurrently
in multiple threads.
BUGID 4308809 (and predecessor 4155856), had they been addressed,
would have greatly reduced the potential harm calling such MT-unsafe
routines could cause.