From 23341a2df2d2ea36784a16fa1db8bc7385351a12 Mon Sep 17 00:00:00 2001
From: Sven Gothel <sgothel@jausoft.com>
Date: Thu, 20 Jun 2013 08:11:29 +0200
Subject: Security: Tighten DynamicLinker*, NativeLibrary and
DynamicLibraryBundle access.
---
.../jogamp/common/os/BionicDynamicLinkerImpl.java | 35 +++++++-
.../jogamp/common/os/MacOSXDynamicLinkerImpl.java | 35 +++++++-
.../jogamp/common/os/UnixDynamicLinkerImpl.java | 92 ++++++++++------------
.../jogamp/common/os/WindowsDynamicLinkerImpl.java | 41 ++++++++--
4 files changed, 137 insertions(+), 66 deletions(-)
(limited to 'src/java/jogamp/common')
diff --git a/src/java/jogamp/common/os/BionicDynamicLinkerImpl.java b/src/java/jogamp/common/os/BionicDynamicLinkerImpl.java
index 3864ab2..488ce99 100644
--- a/src/java/jogamp/common/os/BionicDynamicLinkerImpl.java
+++ b/src/java/jogamp/common/os/BionicDynamicLinkerImpl.java
@@ -1,3 +1,30 @@
+/**
+ * Copyright 2013 JogAmp Community. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are
+ * permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of
+ * conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list
+ * of conditions and the following disclaimer in the documentation and/or other materials
+ * provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY JogAmp Community ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+ * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JogAmp Community OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * The views and conclusions contained in the software and documentation are those of the
+ * authors and should not be interpreted as representing official policies, either expressed
+ * or implied, of JogAmp Community.
+ */
package jogamp.common.os;
import com.jogamp.common.util.SecurityUtil;
@@ -9,7 +36,7 @@ import com.jogamp.common.util.SecurityUtil;
* Bionic is used on Android.
* </p>
*/
-public class BionicDynamicLinkerImpl extends UnixDynamicLinkerImpl {
+public final class BionicDynamicLinkerImpl extends UnixDynamicLinkerImpl {
private static final long RTLD_DEFAULT = 0xffffffffL;
// static final long RTLD_NEXT = 0xfffffffeL;
@@ -19,7 +46,7 @@ public class BionicDynamicLinkerImpl extends UnixDynamicLinkerImpl {
private static final int RTLD_GLOBAL = 0x00002;
// --- Begin CustomJavaCode .cfg declarations
- public long openLibraryLocal(String pathname, boolean debug) throws SecurityException {
+ public final long openLibraryLocal(String pathname, boolean debug) throws SecurityException {
// Note we use RTLD_GLOBAL visibility to _NOT_ allow this functionality to
// be used to pre-resolve dependent libraries of JNI code without
// requiring that all references to symbols in those libraries be
@@ -31,7 +58,7 @@ public class BionicDynamicLinkerImpl extends UnixDynamicLinkerImpl {
return dlopen(pathname, RTLD_LAZY | RTLD_LOCAL);
}
- public long openLibraryGlobal(String pathname, boolean debug) throws SecurityException {
+ public final long openLibraryGlobal(String pathname, boolean debug) throws SecurityException {
// Note we use RTLD_GLOBAL visibility to allow this functionality to
// be used to pre-resolve dependent libraries of JNI code without
// requiring that all references to symbols in those libraries be
@@ -43,7 +70,7 @@ public class BionicDynamicLinkerImpl extends UnixDynamicLinkerImpl {
return dlopen(pathname, RTLD_LAZY | RTLD_GLOBAL);
}
- public long lookupSymbolGlobal(String symbolName) {
+ public final long lookupSymbolGlobal(String symbolName) {
final long addr = dlsym(RTLD_DEFAULT, symbolName);
if(DEBUG_LOOKUP) {
System.err.println("DynamicLinkerImpl.lookupSymbolGlobal("+symbolName+") -> 0x"+Long.toHexString(addr));
diff --git a/src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java b/src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java
index 09ee48d..bebddc4 100644
--- a/src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java
+++ b/src/java/jogamp/common/os/MacOSXDynamicLinkerImpl.java
@@ -1,3 +1,30 @@
+/**
+ * Copyright 2013 JogAmp Community. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are
+ * permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of
+ * conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list
+ * of conditions and the following disclaimer in the documentation and/or other materials
+ * provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY JogAmp Community ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+ * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JogAmp Community OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * The views and conclusions contained in the software and documentation are those of the
+ * authors and should not be interpreted as representing official policies, either expressed
+ * or implied, of JogAmp Community.
+ */
package jogamp.common.os;
import com.jogamp.common.util.SecurityUtil;
@@ -6,7 +33,7 @@ import com.jogamp.common.util.SecurityUtil;
* Mac OS X specialization of {@link UnixDynamicLinkerImpl}
* utilizing OS X 's non POSIX flags and mode values.
*/
-public class MacOSXDynamicLinkerImpl extends UnixDynamicLinkerImpl {
+public final class MacOSXDynamicLinkerImpl extends UnixDynamicLinkerImpl {
private static final long RTLD_DEFAULT = -2L;
// static final long RTLD_NEXT = -1L;
@@ -17,7 +44,7 @@ public class MacOSXDynamicLinkerImpl extends UnixDynamicLinkerImpl {
private static final int RTLD_GLOBAL = 0x00008;
// --- Begin CustomJavaCode .cfg declarations
- public long openLibraryLocal(String pathname, boolean debug) throws SecurityException {
+ public final long openLibraryLocal(String pathname, boolean debug) throws SecurityException {
// Note we use RTLD_LOCAL visibility to _NOT_ allow this functionality to
// be used to pre-resolve dependent libraries of JNI code without
// requiring that all references to symbols in those libraries be
@@ -29,7 +56,7 @@ public class MacOSXDynamicLinkerImpl extends UnixDynamicLinkerImpl {
return dlopen(pathname, RTLD_LAZY | RTLD_LOCAL);
}
- public long openLibraryGlobal(String pathname, boolean debug) throws SecurityException {
+ public final long openLibraryGlobal(String pathname, boolean debug) throws SecurityException {
// Note we use RTLD_GLOBAL visibility to allow this functionality to
// be used to pre-resolve dependent libraries of JNI code without
// requiring that all references to symbols in those libraries be
@@ -41,7 +68,7 @@ public class MacOSXDynamicLinkerImpl extends UnixDynamicLinkerImpl {
return dlopen(pathname, RTLD_LAZY | RTLD_GLOBAL);
}
- public long lookupSymbolGlobal(String symbolName) {
+ public final long lookupSymbolGlobal(String symbolName) {
final long addr = dlsym(RTLD_DEFAULT, symbolName);
if(DEBUG_LOOKUP) {
System.err.println("DynamicLinkerImpl.lookupSymbolGlobal("+symbolName+") -> 0x"+Long.toHexString(addr));
diff --git a/src/java/jogamp/common/os/UnixDynamicLinkerImpl.java b/src/java/jogamp/common/os/UnixDynamicLinkerImpl.java
index 7675977..28e166e 100644
--- a/src/java/jogamp/common/os/UnixDynamicLinkerImpl.java
+++ b/src/java/jogamp/common/os/UnixDynamicLinkerImpl.java
@@ -1,58 +1,56 @@
+/**
+ * Copyright 2013 JogAmp Community. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are
+ * permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of
+ * conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list
+ * of conditions and the following disclaimer in the documentation and/or other materials
+ * provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY JogAmp Community ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+ * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JogAmp Community OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * The views and conclusions contained in the software and documentation are those of the
+ * authors and should not be interpreted as representing official policies, either expressed
+ * or implied, of JogAmp Community.
+ */
package jogamp.common.os;
import com.jogamp.common.os.DynamicLinker;
-import com.jogamp.common.util.SecurityUtil;
+/* pp */ abstract class UnixDynamicLinkerImpl implements DynamicLinker {
-public class UnixDynamicLinkerImpl implements DynamicLinker {
-
- private static final long RTLD_DEFAULT = 0;
- // static final long RTLD_NEXT = -1L;
-
- private static final int RTLD_LAZY = 0x00001;
- // static final int RTLD_NOW = 0x00002;
- private static final int RTLD_LOCAL = 0x00000;
- private static final int RTLD_GLOBAL = 0x00100;
-
+ //
+ // Package private scope of class w/ protected native code access
+ // and sealed jogamp.common.* package definition
+ // ensuring no abuse via subclassing.
+ //
+
/** Interface to C language function: <br> <code> int dlclose(void * ); </code> */
- /* pp */ static native int dlclose(long arg0);
+ protected static native int dlclose(long arg0);
/** Interface to C language function: <br> <code> char * dlerror(void); </code> */
- /* pp */ static native java.lang.String dlerror();
+ protected static native java.lang.String dlerror();
/** Interface to C language function: <br> <code> void * dlopen(const char * , int); </code> */
- /* pp */ static native long dlopen(java.lang.String arg0, int arg1);
+ protected static native long dlopen(java.lang.String arg0, int arg1);
/** Interface to C language function: <br> <code> void * dlsym(void * , const char * ); </code> */
- /* pp */ static native long dlsym(long arg0, java.lang.String arg1);
+ protected static native long dlsym(long arg0, java.lang.String arg1);
- // --- Begin CustomJavaCode .cfg declarations
- public long openLibraryLocal(String pathname, boolean debug) throws SecurityException {
- // Note we use RTLD_GLOBAL visibility to _NOT_ allow this functionality to
- // be used to pre-resolve dependent libraries of JNI code without
- // requiring that all references to symbols in those libraries be
- // looked up dynamically via the ProcAddressTable mechanism; in
- // other words, one can actually link against the library instead of
- // having to dlsym all entry points. System.loadLibrary() uses
- // RTLD_LOCAL visibility so can't be used for this purpose.
- SecurityUtil.checkLinkPermission(pathname);
- return dlopen(pathname, RTLD_LAZY | RTLD_LOCAL);
- }
-
- public long openLibraryGlobal(String pathname, boolean debug) throws SecurityException {
- // Note we use RTLD_GLOBAL visibility to allow this functionality to
- // be used to pre-resolve dependent libraries of JNI code without
- // requiring that all references to symbols in those libraries be
- // looked up dynamically via the ProcAddressTable mechanism; in
- // other words, one can actually link against the library instead of
- // having to dlsym all entry points. System.loadLibrary() uses
- // RTLD_LOCAL visibility so can't be used for this purpose.
- SecurityUtil.checkLinkPermission(pathname);
- return dlopen(pathname, RTLD_LAZY | RTLD_GLOBAL);
- }
-
- public long lookupSymbol(long libraryHandle, String symbolName) {
+ public final long lookupSymbol(long libraryHandle, String symbolName) {
final long addr = dlsym(libraryHandle, symbolName);
if(DEBUG_LOOKUP) {
System.err.println("DynamicLinkerImpl.lookupSymbol(0x"+Long.toHexString(libraryHandle)+", "+symbolName+") -> 0x"+Long.toHexString(addr));
@@ -60,19 +58,11 @@ public class UnixDynamicLinkerImpl implements DynamicLinker {
return addr;
}
- public long lookupSymbolGlobal(String symbolName) {
- final long addr = dlsym(RTLD_DEFAULT, symbolName);
- if(DEBUG_LOOKUP) {
- System.err.println("DynamicLinkerImpl.lookupSymbolGlobal("+symbolName+") -> 0x"+Long.toHexString(addr));
- }
- return addr;
- }
-
- public void closeLibrary(long libraryHandle) {
+ public final void closeLibrary(long libraryHandle) {
dlclose(libraryHandle);
}
- public String getLastError() {
+ public final String getLastError() {
return dlerror();
}
}
diff --git a/src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java b/src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java
index 884ac39..158bd7c 100644
--- a/src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java
+++ b/src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java
@@ -1,9 +1,36 @@
+/**
+ * Copyright 2013 JogAmp Community. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are
+ * permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of
+ * conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list
+ * of conditions and the following disclaimer in the documentation and/or other materials
+ * provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY JogAmp Community ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+ * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JogAmp Community OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * The views and conclusions contained in the software and documentation are those of the
+ * authors and should not be interpreted as representing official policies, either expressed
+ * or implied, of JogAmp Community.
+ */
package jogamp.common.os;
import com.jogamp.common.os.DynamicLinker;
import com.jogamp.common.util.SecurityUtil;
-public class WindowsDynamicLinkerImpl implements DynamicLinker {
+public final class WindowsDynamicLinkerImpl implements DynamicLinker {
/** Interface to C language function: <br> <code> BOOL FreeLibrary(HANDLE hLibModule); </code> */
private static native int FreeLibrary(long hLibModule);
@@ -19,13 +46,13 @@ public class WindowsDynamicLinkerImpl implements DynamicLinker {
// --- Begin CustomJavaCode .cfg declarations
- public long openLibraryLocal(String libraryName, boolean debug) throws SecurityException {
+ public final long openLibraryLocal(String libraryName, boolean debug) throws SecurityException {
// How does that work under Windows ?
// Don't know .. so it's an alias for the time being
return openLibraryGlobal(libraryName, debug);
}
- public long openLibraryGlobal(String libraryName, boolean debug) throws SecurityException {
+ public final long openLibraryGlobal(String libraryName, boolean debug) throws SecurityException {
SecurityUtil.checkLinkPermission(libraryName);
long handle = LoadLibraryW(libraryName);
if(0==handle && debug) {
@@ -35,7 +62,7 @@ public class WindowsDynamicLinkerImpl implements DynamicLinker {
return handle;
}
- public long lookupSymbol(long libraryHandle, String symbolName) {
+ public final long lookupSymbol(long libraryHandle, String symbolName) {
String _symbolName = symbolName;
long addr = GetProcAddressA(libraryHandle, _symbolName);
if(0==addr) {
@@ -54,7 +81,7 @@ public class WindowsDynamicLinkerImpl implements DynamicLinker {
return addr;
}
- public long lookupSymbolGlobal(String symbolName) {
+ public final long lookupSymbolGlobal(String symbolName) {
if(DEBUG_LOOKUP) {
System.err.println("lookupSymbolGlobal: Not supported on Windows");
}
@@ -62,11 +89,11 @@ public class WindowsDynamicLinkerImpl implements DynamicLinker {
return 0;
}
- public void closeLibrary(long libraryHandle) {
+ public final void closeLibrary(long libraryHandle) {
FreeLibrary(libraryHandle);
}
- public String getLastError() {
+ public final String getLastError() {
final int err = GetLastError();
return "Last error: 0x"+Integer.toHexString(err)+" ("+err+")";
}
--
cgit v1.2.3