perfMemory_bsd.cpp get_user_name_slow misses check ?
gerard ziemski
gerard.ziemski at oracle.com
Mon Feb 3 18:01:11 UTC 2020
hi Matthias,
Looking at "open_directory_secure()" API, which is called just before
"is_directory_secure()", seems to suggest that it is the
"is_directory_secure()" call that is not needed here.
So perhaps linux/win/solaris have it wrong and bsd got it right?
// Open the directory of the given path and validate it.
// Return a DIR * of the open directory.
//
static DIR *open_directory_secure(const char* dirname) {
// Open the directory using open() so that it can be verified
// to be secure by calling is_dirfd_secure(), opendir() and then check
// to see if they are the same file system object. This method does not
// introduce a window of opportunity for the directory to be attacked
that
// calling opendir() and is_directory_secure() does.
cheers
On 2/3/20 8:02 AM, Baesken, Matthias wrote:
> Hello, I noticed that perfMemory_bsd.cpp function
>
> static char* get_user_name_slow(int vmid, TRAPS)
>
> misses the
>
> // Since we don't create the backing store files in directories
> // pointed to by symbolic links, we also don't follow them when
> // looking for the files. We check for a symbolic link after the
> // call to opendir in order to eliminate a small window where the
> // symlink can be exploited.
> //
> if (!is_directory_secure(usrdir_name)) {
> FREE_C_HEAP_ARRAY(char, usrdir_name);
> os::closedir(subdirp);
> continue;
> }
>
>
> Check that aix/linux/solaris have .
> Should this be added ?
>
>
> Best Regards, Matthias
More information about the hotspot-dev
mailing list