Bug in ProcessBuilder.

Martin Buchholz martinrb at google.com
Wed Aug 21 22:51:59 UTC 2013


Adding Alexey Utkin, who appears to be the author of the lines I am
proposing to modify.  Alexey, you are invited to take ownership of this fix.


On Wed, Aug 21, 2013 at 3:43 PM, Martin Buchholz <martinrb at google.com>wrote:

> Hi security team,
>
> There's some code in ProcessBuilder.java to avoid leaking data in case
> ProcessBuilder.start fails.
> It appears to have an obvious bug, with an obvious fix.
>
>
> http://cr.openjdk.java.net/~martin/webrevs/openjdk8/ProcessBuilder-checkRead/
>
> checkRead is spec'ed to throw SecurityException, not AccessControlException.
> If checkRead does throw SecurityException, then start will throw the wrong
> exception.
>
> Untested.
>
> @@ -1033,9 +1033,9 @@
>                  // Can not disclose the fail reason for read-protected files.
>                  try {
>                      security.checkRead(prog);
> -                } catch (AccessControlException ace) {
> +                } catch (SecurityException e) {
>                      exceptionInfo = "";
> -                    cause = ace;
> +                    cause = e;
>                  }
>              }
>              // It's much easier for us to create a high-quality error
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20130821/68bc7e86/attachment.htm>


More information about the security-dev mailing list