RFR(S): 8038233 : Fix unsafe strcpy in Java_sun_tools_attach_{Aix, Bsd, Linux}VirtualMachine_connect()

Volker Simonis volker.simonis at gmail.com
Fri Mar 28 13:44:32 UTC 2014


Hi Alan,

thanks for the review.

On Thu, Mar 27, 2014 at 7:31 PM, Alan Bateman <Alan.Bateman at oracle.com> wrote:
> On 27/03/2014 18:08, Volker Simonis wrote:
>>
>> Hi,
>>
>> a security audit for the PPC64/AIX port revealed an unsecure useage of
>> 'strcpy' in Java_sun_tools_attach_AixVirtualMachine_connect(). Because
>> the same coding is also used in the Linux and BSD implementations, the
>> following change fixes them all together:
>>
>> http://cr.openjdk.java.net/~simonis/webrevs/8038233/
>> https://bugs.openjdk.java.net/browse/JDK-8038233
>>
>> Compiled and tested (with the com/sun/jdi, com/sun/tools/attach,
>> com/sun/management and sun/management JTreg tests) on Linux, MacOS X
>> and AIX.
>>
>> Please notice that this fix is also intended for backporting tu 8u.
>>
> As we now have 3 implementations using socket pairs then there might be an
> opportunity to consolidate the implementations, not for this patch of
> course.
>

I agree, there's a lot of common code in the three implementations.

> Your changes looks okay and it's good to memset the sockaddr_un structure.
> As regards the issue is a concern or not then it's important to note thaht
> the Attach API is in tools.jar, it's not in a JRE build. Also an attach
> requires a Permission check if running with a security manager and I likely
> vert rare for tools to do this. Also to cause a problem then it would
> require the temporary directory to be unusually long.
>

You're right. I was initially concerned a little more because the
Linux implementation also uses the process' current working directory.
But that's just for the attach file, not for the actual sockets - so
no problem.

Regards,
Volker

> -Alan.


More information about the serviceability-dev mailing list