[PATCH] JDK-8194630: Uninitialized initiator_address in native GSS

Valerie Peng valerie.peng at oracle.com
Wed Feb 28 02:47:33 UTC 2018


The later version looks good and I will use this one.
Thanks,
Valerie

On 2/22/2018 2:49 AM, Jan Kalina wrote:
> Ok, thanks Valerie!
> Sorry for spam, I has supposed my previous email was not considered to 
> be patch.
>
> Martin:
> As this is way how it is initialized in other places, I has not 
> considered it.
> http://hg.openjdk.java.net/jdk8/jdk8/jdk/file/59e88d3b9b17/src/share/native/sun/security/jgss/wrapper/GSSLibStub.c#l132
>
> Follows fixed version - tested and works ok - keeping on Valerie which 
> version will be used:
>
> ---------------------------------------------
> diff --git a/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c 
> b/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> --- a/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> +++ b/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
> @@ -169,6 +169,9 @@
>    // initialize addrtype in CB first
>    cb->initiator_addrtype = GSS_C_AF_NULLADDR;
>    cb->acceptor_addrtype = GSS_C_AF_NULLADDR;
> +  // addresses needs to be initialized to empty
> +  memset(&cb->initiator_address, 0, sizeof(cb->initiator_address));
> +  memset(&cb->acceptor_address, 0, sizeof(cb->acceptor_address));
>
>    /* set up initiator address */
>    jinetAddr = (*env)->CallObjectMethod(env, jcb,
> ---------------------------------------------
>
> On Wed, Feb 21, 2018 at 7:26 PM, Martin Balao <mbalao at redhat.com 
> <mailto:mbalao at redhat.com>> wrote:
>
>     Have you considered zeroizing the whole "gss_channel_bindings_t"
>     structure with memset? So we don't have problem if new fields are
>     eventually added.
>
>     On Wed, Feb 21, 2018 at 1:39 PM, Jan Kalina <jkalina at redhat.com
>     <mailto:jkalina at redhat.com>> wrote:
>
>         I has prepared fix for bug related to using native GSS API.
>         Uninitialized fields causes JVM crash or authentication failing.
>
>         Bug consequences are more described in bugreport:
>         https://bugs.openjdk.java.net/browse/JDK-8194630
>         <https://bugs.openjdk.java.net/browse/JDK-8194630>
>         Reproducer is attached to bugreport too.
>
>         Would anyone be interested in reviewing/sponsoring this change?
>         It would be really great to get this into JDK 9 and above.
>         (I am covered by Red Hat OCA.)
>
>         Thanks for your response!
>
>         PATCH:
>         ----------------------------------------------
>         diff --git
>         a/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
>         b/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
>         --- a/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
>         +++ b/src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
>         @@ -169,6 +169,11 @@
>            // initialize addrtype in CB first
>            cb->initiator_addrtype = GSS_C_AF_NULLADDR;
>            cb->acceptor_addrtype = GSS_C_AF_NULLADDR;
>         +  // addresses needs to be initialized to empty
>         +  cb->initiator_address.length = 0;
>         +  cb->initiator_address.value = NULL;
>         +  cb->acceptor_address.length = 0;
>         +  cb->acceptor_address.value = NULL;
>
>            /* set up initiator address */
>            jinetAddr = (*env)->CallObjectMethod(env, jcb,
>         ----------------------------------------------
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20180227/68d702df/attachment.htm>


More information about the security-dev mailing list