[PATCH] JDK-8194630: Uninitialized initiator_address in native GSS

Martin Balao mbalao at redhat.com
Wed Feb 21 18:26:59 UTC 2018


Have you considered zeroizing the whole "gss_channel_bindings_t" structure
with memset? So we don't have a problem if new fields are eventually added.

On Wed, Feb 21, 2018 at 1:39 PM, Jan Kalina <jkalina at redhat.com> wrote:

> I have prepared a fix for a bug related to using the native GSS API.
> Uninitialized fields cause a JVM crash or authentication failure.
>
> The bug's consequences are described in more detail in the bug report:
> https://bugs.openjdk.java.net/browse/JDK-8194630
> A reproducer is attached to the bug report too.
>
> Would anyone be interested in reviewing/sponsoring this change?
> It would be really great to get this into JDK 9 and above.
> (I am covered by Red Hat OCA.)
>
> Thanks for your response!
>
> PATCH:
> ----------------------------------------------
> diff --git a/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> b/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> --- a/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> +++ b/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> @@ -169,6 +169,11 @@
>    // initialize addrtype in CB first
>    cb->initiator_addrtype = GSS_C_AF_NULLADDR;
>    cb->acceptor_addrtype = GSS_C_AF_NULLADDR;
> +  // addresses needs to be initialized to empty
> +  cb->initiator_address.length = 0;
> +  cb->initiator_address.value = NULL;
> +  cb->acceptor_address.length = 0;
> +  cb->acceptor_address.value = NULL;
>
>    /* set up initiator address */
>    jinetAddr = (*env)->CallObjectMethod(env, jcb,
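Review bot: the hunk initializes the two address buffers member by member, which still leaves every member it does not name (the application_data buffer that RFC 2744's gss_channel_bindings_struct also carries) in whatever state the allocator left it; zeroing the whole structure once, right where cb is allocated (not shown in this hunk), is the more robust fix. A memset alone is not sufficient, though: GSS_C_AF_NULLADDR is 255, not 0, so the two addrtype assignments on the lines above must stay after the memset, otherwise the addrtypes read as GSS_C_AF_UNSPEC. As a style point, the added comment should read "addresses need to be initialized to empty".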
> ----------------------------------------------
>
>
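The difference between the patch's field-by-field initialization and the memset suggested in the reply, as an added example that is not part of the patch or of the JDK's GSSLibStub.c. It builds without gssapi.h by assuming a local mirror of the RFC 2744 gss_channel_bindings_struct layout (one extra buffer, application_data, after the two address pairs) and a stand-in constant CB_AF_NULLADDR with the gssapi.h value 255 of GSS_C_AF_NULLADDR; the 0xAA fill stands in for allocator garbage so the check is deterministic instead of relying on undefined reads.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Local mirror of gss_buffer_desc and gss_channel_bindings_struct
 * (an assumption so the example builds without gssapi.h). */
typedef struct {
    size_t length;
    void *value;
} cb_buffer_t;

typedef struct {
    uint32_t    initiator_addrtype;
    cb_buffer_t initiator_address;
    uint32_t    acceptor_addrtype;
    cb_buffer_t acceptor_address;
    cb_buffer_t application_data;   /* the member the patch never touches */
} cb_struct_t;

/* Stand-in for GSS_C_AF_NULLADDR, which gssapi.h defines as 255, not 0;
 * this is why memset alone cannot replace the addrtype assignments. */
#define CB_AF_NULLADDR 255u

/* Mirrors the patched code: sets only the members it names. */
static void init_fields_one_by_one(cb_struct_t *cb) {
    cb->initiator_addrtype = CB_AF_NULLADDR;
    cb->acceptor_addrtype = CB_AF_NULLADDR;
    cb->initiator_address.length = 0;
    cb->initiator_address.value = NULL;
    cb->acceptor_address.length = 0;
    cb->acceptor_address.value = NULL;
    /* application_data keeps whatever the allocator left there */
}

/* The alternative from the reply: zero everything, then set the
 * non-zero defaults explicitly. */
static void init_with_memset(cb_struct_t *cb) {
    memset(cb, 0, sizeof(*cb));
    cb->initiator_addrtype = CB_AF_NULLADDR;
    cb->acceptor_addrtype = CB_AF_NULLADDR;
}

/* A buffer is empty only when both length and value say so. */
static int buffer_is_empty(const cb_buffer_t *b) {
    return b->length == 0 && b->value == NULL;
}

/* Returns 1 when every buffer in the structure is empty and both
 * addrtypes carry the null-address marker. */
int cb_is_fully_initialized(const cb_struct_t *cb) {
    return cb->initiator_addrtype == CB_AF_NULLADDR
        && cb->acceptor_addrtype == CB_AF_NULLADDR
        && buffer_is_empty(&cb->initiator_address)
        && buffer_is_empty(&cb->acceptor_address)
        && buffer_is_empty(&cb->application_data);
}

/* Simulates allocator garbage deterministically (constructed 0xAA fill),
 * then runs the patch-style initializer. */
int check_one_by_one(void) {
    cb_struct_t cb;
    memset(&cb, 0xAA, sizeof cb);
    init_fields_one_by_one(&cb);
    return cb_is_fully_initialized(&cb);   /* 0: application_data is garbage */
}

/* Same garbage, memset-based initializer. */
int check_memset(void) {
    cb_struct_t cb;
    memset(&cb, 0xAA, sizeof cb);
    init_with_memset(&cb);
    return cb_is_fully_initialized(&cb);   /* 1 */
}
```

The check function is deliberately strict about the addrtypes: zeroing the structure sets them to 0, which in gssapi.h is GSS_C_AF_UNSPEC, so a memset must always be followed by the two GSS_C_AF_NULLADDR assignments the patch already has.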

