Threads should not be Cloneable
Florian Weimer
fw at deneb.enyo.de
Sun Aug 15 11:51:55 UTC 2010
* Chris Hegarty:
> The issue of whether Threads should be Cloneable came up during the
> discussion of another problem. I talked to David about this and we
> believe there is no value being able to clone a thread, in fact it can
> cause some strange problems. David sent a mail [1] to the
> concurrency-interest mailing list requesting feedback on this. No
> objections to date.
Thanks for making this issue public, so that we can fix it.
This has been reported as a potential security issue to Oracle back in
February, together with a rediscovery of what which was subsequently
assigned CVE-2010-0088, and the observation that ColorModel needs a
similar patch:
diff -r ac23e40d3880 src/share/classes/java/awt/image/ColorModel.java
--- a/src/share/classes/java/awt/image/ColorModel.java Fri Aug 13 10:36:08 2010 -0400
+++ b/src/share/classes/java/awt/image/ColorModel.java Sat Aug 14 14:23:15 2010 +0200
@@ -1956,4 +1956,8 @@
return lg16Toog16LUT;
}
+ @Override
+ protected Object clone() throws CloneNotSupportedException {
+ throw new CloneNotSupportedException();
+ }
}
Classes storing native pointers must never be cloneable. I hope
having identified all such cases in the JDK, but I can post my scripts
so that others can try to find more instances.
Contrary to my expectations in February, it turns out that the general
issue was already described here, more than a decade ago:
<http://www.javaworld.com/javaworld/jw-12-1998/jw-12-securityrules.html?page=3>
(See rule 8.) It's just that these recommendations haven't been
applied to the JDK.
Coincidentally, I've been working this weekend on a fix for the CORBA
issue I reported at about the same time (which is otherwise
unrelated). It's somewhat less straightforward to fix, but I hope to
have a patch soon.
More information about the core-libs-dev
mailing list