RFR: 8264774: Implementation of Foreign Function and Memory API (Incubator) [v2]
Daniel Fuchs
dfuchs at openjdk.java.net
Wed Apr 28 18:47:08 UTC 2021
On Wed, 28 Apr 2021 18:19:14 GMT, Maurizio Cimadamore <mcimadamore at openjdk.org> wrote:
>> src/java.base/share/classes/jdk/internal/module/IllegalNativeAccessChecker.java line 78:
>>
>>> 76: int index = 0;
>>> 77: // the system property is removed after decoding
>>> 78: String value = getAndRemoveProperty(prefix + index);
>>
>> I am not sure what is going on with the removal of the properties, but if I'm not mistaken this is racy: from the implementation of the checker() method above, it looks as if two different threads could trigger a call to the decode() function concurrently, which can result in a random partitioning of the properties against the two checkers being instantiated, with one of them being eventually set as the system-wide checker.
>
> I think the method is called during module bootstrap - I don't think there is a race in practice. This method is also called in other parts of ModuleBootstrap. The code you allude to is called during initialization of the IllegalNativeAccessChecker singleton, which should happen only once, and only from one thread.
I'll take your word for it - the use of a volatile variable to store the singleton instance made this suspicious.
-------------
PR: https://git.openjdk.java.net/jdk/pull/3699
More information about the security-dev
mailing list