Java and the NTFS Path weakness

Bernd Eckenfels ecki at zusammenkunft.net
Tue Jan 19 10:18:03 UTC 2021


Hello Alan, I don’t think this is a Java vulnerability (but something Java application programmers have to deal with), that’s why I sent it to the mailing list (for lack of better channels).

Still there is a lesson to learn, we have two different windows file Name parsing behaviors in the openjdk.

Microsoft (and the mass media) seems to be aware of the Windows problems.

Gruss
Bernd
--
http://bernd.eckenfels.net
________________________________
Von: Alan Bateman <Alan.Bateman at oracle.com>
Gesendet: Tuesday, January 19, 2021 9:26:02 AM
An: Bernd <ecki at zusammenkunft.net>; OpenJDK Dev list <security-dev at openjdk.java.net>; nio-dev <nio-dev at openjdk.java.net>
Betreff: Re: Java and the NTFS Path weakness



On 18/01/2021 21:29, Bernd wrote:
Hello,

bad news everyone. The second Windows Filesystem related security bug reported by Jonas Lykkegaard which allows crashing Windows with a unpriveledged read access also affects JVM and it is not filtered by Path.of. Which means bot new File(bad).exists() and Files.readAllLines(Path.of(bad)) will crash Windows immediatelly.

I verified this on the latest Windows Server 2019 January Security Update.

var bad = "\\\\.\\globalroot\\device\\condrv\\kernelconnect"

BSOD issues should be reported to Microsoft. If there is any suggestion of a JDK bug here then it should be reported to vuln-report at openjdk.java.net<mailto:vuln-report at openjdk.java.net>. We (at least Oracle engineers) cannot engage in any discussion of vulnerability issues here.

-Alan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.java.net/pipermail/security-dev/attachments/20210119/93b555d2/attachment.htm>


More information about the security-dev mailing list