[PATCH] JDK-8194630: Uninitialized initiator_address in native GSS
Martin Balao
mbalao at redhat.com
Wed Feb 21 18:26:59 UTC 2018
Have you considered zeroizing the whole "gss_channel_bindings_t" structure
with memset? So we don't have a problem if new fields are eventually added.
On Wed, Feb 21, 2018 at 1:39 PM, Jan Kalina <jkalina at redhat.com> wrote:
> I have prepared a fix for a bug related to using the native GSS API.
> Uninitialized fields cause a JVM crash or authentication failure.
>
> The bug consequences are described in more detail in the bug report:
> https://bugs.openjdk.java.net/browse/JDK-8194630
> A reproducer is attached to the bug report too.
>
> Would anyone be interested in reviewing/sponsoring this change?
> It would be really great to get this into JDK 9 and above.
> (I am covered by Red Hat OCA.)
>
> Thanks for your response!
>
> PATCH:
> ----------------------------------------------
> diff --git a/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> b/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> --- a/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> +++ b/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> @@ -169,6 +169,11 @@
> // initialize addrtype in CB first
> cb->initiator_addrtype = GSS_C_AF_NULLADDR;
> cb->acceptor_addrtype = GSS_C_AF_NULLADDR;
> + // addresses needs to be initialized to empty
> + cb->initiator_address.length = 0;
> + cb->initiator_address.value = NULL;
> + cb->acceptor_address.length = 0;
> + cb->acceptor_address.value = NULL;
>
> /* set up initiator address */
> jinetAddr = (*env)->CallObjectMethod(env, jcb,
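Review bot: initializing the two address buffers field by field fixes the reported crash, but it only covers the members named here; any other member of gss_channel_bindings_t, now or after future additions, still holds whatever was on the stack. A single memset of the whole structure before the two addrtype assignments (as suggested in the reply above) would make the fix robust and shorter than the four added lines. The added comment should also read "addresses need to be initialized to empty".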
> ----------------------------------------------
>
>
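As an added illustration of the memset suggestion above (example code, not part of the patch or the OpenJDK sources): a struct mirroring the layout of gss_channel_bindings_struct from RFC 2744 is defined locally so the example builds without gssapi.h, and stale stack contents are simulated by filling the memory with 0xAA before each initializer runs.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>
/* Local mirror of gss_buffer_desc and gss_channel_bindings_struct (RFC 2744),
 * constructed here so the example builds without gssapi.h. */
typedef struct { size_t length; void *value; } gss_buffer_desc;
typedef struct {
    unsigned int    initiator_addrtype;
    gss_buffer_desc initiator_address;
    unsigned int    acceptor_addrtype;
    gss_buffer_desc acceptor_address;
    gss_buffer_desc application_data;
} gss_channel_bindings_struct;
#define GSS_C_AF_NULLADDR 255   /* value from RFC 2744 */

/* Field-by-field initialization as in the patch: any member not named
 * here (application_data today, or fields added later) keeps stale data. */
void init_fields_only(gss_channel_bindings_struct *cb) {
    cb->initiator_addrtype = GSS_C_AF_NULLADDR;
    cb->acceptor_addrtype  = GSS_C_AF_NULLADDR;
    cb->initiator_address.length = 0;
    cb->initiator_address.value  = NULL;
    cb->acceptor_address.length  = 0;
    cb->acceptor_address.value   = NULL;
}

/* Zero everything first (all-zero bytes read as NULL on the platforms the
 * JDK targets), then set only the fields that need a non-zero value. */
void init_with_memset(gss_channel_bindings_struct *cb) {
    memset(cb, 0, sizeof(*cb));
    cb->initiator_addrtype = GSS_C_AF_NULLADDR;
    cb->acceptor_addrtype  = GSS_C_AF_NULLADDR;
}

static bool buf_empty(const gss_buffer_desc *b) { return b->length == 0 && b->value == NULL; }

/* True only when both addrtypes are NULLADDR and every buffer is empty. */
bool bindings_fully_initialized(const gss_channel_bindings_struct *cb) {
    return cb->initiator_addrtype == GSS_C_AF_NULLADDR && cb->acceptor_addrtype == GSS_C_AF_NULLADDR
        && buf_empty(&cb->initiator_address) && buf_empty(&cb->acceptor_address)
        && buf_empty(&cb->application_data);
}

/* Fills the struct with 0xAA to simulate stale stack contents, runs one
 * initializer, and reports whether every field ended up clean. */
bool check_initializer(void (*init)(gss_channel_bindings_struct *)) {
    gss_channel_bindings_struct cb;
    memset(&cb, 0xAA, sizeof(cb));
    init(&cb);
    return bindings_fully_initialized(&cb);
}
```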