From eb842815498f5926828b49c48fffce22fc9586a2 Mon Sep 17 00:00:00 2001 From: Sven Gothel Date: Fri, 21 Jun 2013 03:45:07 +0200 Subject: Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle access (2) - Completes 23341a2df2d2ea36784a16fa1db8bc7385351a12 - Replace 'DynamicLinker' interface w/ well documented one - All DynamicLinker methods are now considered secure, i.e.: - open/lookup and close utilize reference counting on handle via a hash map. - lookupSymbol(..) and close(..) impl. validate the passed library handle whether it's retrieved via open*. This is the fast path, not that expensive. - lookupSymbolGlobal(..) performs Check acccess of 'new RuntimePermission("loadLibrary.*")' if SecurityManager is installed. This is the slow path. - DynamicLibraryBundleInfo now reflects the security requirements, i.e. whether priviledged access is needed. --- .../jogamp/common/os/MacOSXDynamicLinkerImpl.java | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) (limited to 'src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java') diff --git a/src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java b/src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java index b0b77ce..beab5d5 100644 --- a/src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java +++ b/src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java @@ -53,7 +53,13 @@ public final class MacOSXDynamicLinkerImpl extends UnixDynamicLinkerImpl { // having to dlsym all entry points. System.loadLibrary() uses // RTLD_LOCAL visibility so can't be used for this purpose. SecurityUtil.checkLinkPermission(pathname); - return dlopen(pathname, RTLD_LAZY | RTLD_LOCAL); + final long handle = dlopen(pathname, RTLD_LAZY | RTLD_LOCAL); + if( 0 != handle ) { + incrLibRefCount(handle, pathname); + } else if ( DEBUG || debug ) { + System.err.println("dlopen \""+pathname+"\" local failed, error: "+dlerror()); + } + return handle; } @Override @@ -66,11 +72,18 @@ public final class MacOSXDynamicLinkerImpl extends UnixDynamicLinkerImpl { // having to dlsym all entry points. System.loadLibrary() uses // RTLD_LOCAL visibility so can't be used for this purpose. SecurityUtil.checkLinkPermission(pathname); - return dlopen(pathname, RTLD_LAZY | RTLD_GLOBAL); + final long handle = dlopen(pathname, RTLD_LAZY | RTLD_GLOBAL); + if( 0 != handle ) { + incrLibRefCount(handle, pathname); + } else if ( DEBUG || debug ) { + System.err.println("dlopen \""+pathname+"\" global failed, error: "+dlerror()); + } + return handle; } @Override - public final long lookupSymbolGlobal(String symbolName) { + public final long lookupSymbolGlobal(String symbolName) throws SecurityException { + SecurityUtil.checkAllLinkPermission(); final long addr = dlsym(RTLD_DEFAULT, symbolName); if(DEBUG_LOOKUP) { System.err.println("DynamicLinkerImpl.lookupSymbolGlobal("+symbolName+") -> 0x"+Long.toHexString(addr)); -- cgit v1.2.3