Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle access (2)

- Completes 23341a2df2d2ea36784a16fa1db8bc7385351a12 - Replace 'DynamicLinker' interface w/ well documented one - All DynamicLinker methods are now considered secure, i.e.: - open/lookup and close utilize reference counting on handle via a hash map. - lookupSymbol(..) and close(..) impl. validate the passed library handle whether it's retrieved via open*. This is the fast path, not that expensive. - lookupSymbolGlobal(..) performs Check acccess of 'new RuntimePermission("loadLibrary.*")' if SecurityManager is installed. This is the slow path. - DynamicLibraryBundleInfo now reflects the security requirements, i.e. whether priviledged access is needed.
author: Sven Gothel <[email protected]> 2013-06-21 03:45:07 +0200
committer: Sven Gothel <[email protected]> 2013-06-21 03:45:07 +0200
commit: eb842815498f5926828b49c48fffce22fc9586a2 (patch)
tree: b3aac763bb16890f7f3b3c69b5cdec3febf654f2 /src/java/com/jogamp/common/os/NativeLibrary.java
parent: 19bef683d38f4ce7b0dcb5c516244c6f87504e41 (diff)
1 files changed, 1 insertions, 26 deletions
diff --git a/src/java/com/jogamp/common/os/NativeLibrary.java b/src/java/com/jogamp/common/os/NativeLibrary.java
index 9a86209..3d81479 100644
--- a/src/java/com/jogamp/common/os/NativeLibrary.java
+++ b/src/java/com/jogamp/common/os/NativeLibrary.java
@@ -76,10 +76,6 @@ public final class NativeLibrary implements DynamicLookupHelper {
   private static final DynamicLinker dynLink;
   private static final String[] prefixes;
   private static final String[] suffixes;
-  /** TODO: Hide all lookup methods - Then make protected method accessible ..
-  private static final Method dynLinkLookupLocal;
-  private static final Method dynLinkLookupGlobal;
-  */
 
   static {
     // Instantiate dynamic linker implementation
@@ -114,23 +110,6 @@ public final class NativeLibrary implements DynamicLookupHelper {
         suffixes = new String[] { ".so" };
         break;
     }
-    
-    /** TODO: Hide all lookup methods - Then make protected method accessible ..
-        // public long lookupSymbol(long libraryHandle, String symbolName);
-        // public long lookupSymbolGlobal(String symbolName);    
-        final Method[] dlLookups = AccessController.doPrivileged(new PrivilegedAction<Method[]>() {
-            public Method[] run() {
-                final Method[] ms = new Method[2];
-                ms[0] = ReflectionUtil.getMethod(dynLink.getClass(), "lookupSymbol", Long.class, String.class);
-                ms[0].setAccessible(true);
-                ms[1] = ReflectionUtil.getMethod(dynLink.getClass(), "lookupSymbolGlobal", String.class);
-                ms[0].setAccessible(true);
-                return ms;
-            }
-        } );
-        dynLinkLookupLocal = dlLookups[0];
-        dynLinkLookupGlobal = dlLookups[1];
-      */
   }
 
   // Platform-specific representation for the handle to the open
@@ -258,7 +237,6 @@ public final class NativeLibrary implements DynamicLookupHelper {
       throw new RuntimeException("Library is not open");
     }
     return dynLink.lookupSymbol(libraryHandle, funcName);
-    // TODO: return ( (Long) ReflectionUtil.callMethod(dynLink, dynLinkLookupLocal, Long.valueOf(libraryHandle), funcName) ).longValue();
   }
 
   @Override
@@ -267,19 +245,16 @@ public final class NativeLibrary implements DynamicLookupHelper {
       throw new RuntimeException("Library is not open");
     }
     return 0 != dynLink.lookupSymbol(libraryHandle, funcName);
-    // TODO return 0 != ( (Long) ReflectionUtil.callMethod(dynLink, dynLinkLookupLocal, Long.valueOf(libraryHandle), funcName) ).longValue();
   }
 
   /** Looks up the given function name in all loaded libraries. */
   public static final long dynamicLookupFunctionGlobal(String funcName) {
     return dynLink.lookupSymbolGlobal(funcName);
-    // TODO return ( (Long) ReflectionUtil.callMethod(dynLink, dynLinkLookupGlobal, funcName) ).longValue();
   }
 
   /** Looks up the given function name in all loaded libraries. */
   public static final boolean isFunctionAvailableGlobal(String funcName) {
     return 0 != dynLink.lookupSymbolGlobal(funcName);
-    // TODO return 0 != ( (Long) ReflectionUtil.callMethod(dynLink, dynLinkLookupGlobal, funcName) ).longValue();
   }
 
   /** Retrieves the low-level library handle from this NativeLibrary
@@ -300,7 +275,7 @@ public final class NativeLibrary implements DynamicLookupHelper {
     if (DEBUG) {
       System.err.println("NativeLibrary.close(): closing " + this);
     }
-    if (libraryHandle == 0) {
+    if ( 0 == libraryHandle ) {
       throw new RuntimeException("Library already closed");
     }
     long handle = libraryHandle;
author	Sven Gothel <[email protected]>	2013-06-21 03:45:07 +0200
committer	Sven Gothel <[email protected]>	2013-06-21 03:45:07 +0200
commit	eb842815498f5926828b49c48fffce22fc9586a2 (patch)
tree	b3aac763bb16890f7f3b3c69b5cdec3febf654f2 /src/java/com/jogamp/common/os/NativeLibrary.java
parent	19bef683d38f4ce7b0dcb5c516244c6f87504e41 (diff)