RFR(S): 8038233 : Fix unsafe strcpy in Java_sun_tools_attach_{Aix, Bsd, Linux}VirtualMachine_connect() (original) (raw)
Alan Bateman Alan.Bateman at oracle.com
Thu Mar 27 18:31:09 UTC 2014
- Previous message: RFR(S): 8038233 : Fix unsafe strcpy in Java_sun_tools_attach_{Aix, Bsd, Linux}VirtualMachine_connect()
- Next message: RFR(S): 8038233 : Fix unsafe strcpy in Java_sun_tools_attach_{Aix, Bsd, Linux}VirtualMachine_connect()
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 27/03/2014 18:08, Volker Simonis wrote:
Hi,
a security audit for the PPC64/AIX port revealed an unsecure useage of 'strcpy' in JavasuntoolsattachAixVirtualMachineconnect(). Because the same coding is also used in the Linux and BSD implementations, the following change fixes them all together: http://cr.openjdk.java.net/~simonis/webrevs/8038233/ https://bugs.openjdk.java.net/browse/JDK-8038233 Compiled and tested (with the com/sun/jdi, com/sun/tools/attach, com/sun/management and sun/management JTreg tests) on Linux, MacOS X and AIX. Please notice that this fix is also intended for backporting tu 8u. As we now have 3 implementations using socket pairs then there might be an opportunity to consolidate the implementations, not for this patch of course.
Your changes looks okay and it's good to memset the sockaddr_un structure. As regards the issue is a concern or not then it's important to note thaht the Attach API is in tools.jar, it's not in a JRE build. Also an attach requires a Permission check if running with a security manager and I likely vert rare for tools to do this. Also to cause a problem then it would require the temporary directory to be unusually long.
-Alan.
- Previous message: RFR(S): 8038233 : Fix unsafe strcpy in Java_sun_tools_attach_{Aix, Bsd, Linux}VirtualMachine_connect()
- Next message: RFR(S): 8038233 : Fix unsafe strcpy in Java_sun_tools_attach_{Aix, Bsd, Linux}VirtualMachine_connect()
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]