summaryrefslogtreecommitdiffstats
path: root/src/java/jogamp/common/os/BionicDynamicLinkerImpl.java
diff options
context:
space:
mode:
authorSven Gothel <[email protected]>2013-06-21 03:45:07 +0200
committerSven Gothel <[email protected]>2013-06-21 03:45:07 +0200
commiteb842815498f5926828b49c48fffce22fc9586a2 (patch)
treeb3aac763bb16890f7f3b3c69b5cdec3febf654f2 /src/java/jogamp/common/os/BionicDynamicLinkerImpl.java
parent19bef683d38f4ce7b0dcb5c516244c6f87504e41 (diff)
Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle access (2)
- Completes 23341a2df2d2ea36784a16fa1db8bc7385351a12 - Replace 'DynamicLinker' interface w/ well documented one - All DynamicLinker methods are now considered secure, i.e.: - open/lookup and close utilize reference counting on handle via a hash map. - lookupSymbol(..) and close(..) impl. validate the passed library handle whether it's retrieved via open*. This is the fast path, not that expensive. - lookupSymbolGlobal(..) performs Check acccess of 'new RuntimePermission("loadLibrary.*")' if SecurityManager is installed. This is the slow path. - DynamicLibraryBundleInfo now reflects the security requirements, i.e. whether priviledged access is needed.
Diffstat (limited to 'src/java/jogamp/common/os/BionicDynamicLinkerImpl.java')
-rw-r--r--src/java/jogamp/common/os/BionicDynamicLinkerImpl.java19
1 files changed, 16 insertions, 3 deletions
diff --git a/src/java/jogamp/common/os/BionicDynamicLinkerImpl.java b/src/java/jogamp/common/os/BionicDynamicLinkerImpl.java
index b4ae70e..15d884f 100644
--- a/src/java/jogamp/common/os/BionicDynamicLinkerImpl.java
+++ b/src/java/jogamp/common/os/BionicDynamicLinkerImpl.java
@@ -55,7 +55,13 @@ public final class BionicDynamicLinkerImpl extends UnixDynamicLinkerImpl {
// having to dlsym all entry points. System.loadLibrary() uses
// RTLD_LOCAL visibility so can't be used for this purpose.
SecurityUtil.checkLinkPermission(pathname);
- return dlopen(pathname, RTLD_LAZY | RTLD_LOCAL);
+ final long handle = dlopen(pathname, RTLD_LAZY | RTLD_LOCAL);
+ if( 0 != handle ) {
+ incrLibRefCount(handle, pathname);
+ } else if ( DEBUG || debug ) {
+ System.err.println("dlopen \""+pathname+"\" local failed, error: "+dlerror());
+ }
+ return handle;
}
@Override
@@ -68,11 +74,18 @@ public final class BionicDynamicLinkerImpl extends UnixDynamicLinkerImpl {
// having to dlsym all entry points. System.loadLibrary() uses
// RTLD_LOCAL visibility so can't be used for this purpose.
SecurityUtil.checkLinkPermission(pathname);
- return dlopen(pathname, RTLD_LAZY | RTLD_GLOBAL);
+ final long handle = dlopen(pathname, RTLD_LAZY | RTLD_GLOBAL);
+ if( 0 != handle ) {
+ incrLibRefCount(handle, pathname);
+ } else if ( DEBUG || debug ) {
+ System.err.println("dlopen \""+pathname+"\" global failed, error: "+dlerror());
+ }
+ return handle;
}
@Override
- public final long lookupSymbolGlobal(String symbolName) {
+ public final long lookupSymbolGlobal(String symbolName) throws SecurityException {
+ SecurityUtil.checkAllLinkPermission();
final long addr = dlsym(RTLD_DEFAULT, symbolName);
if(DEBUG_LOOKUP) {
System.err.println("DynamicLinkerImpl.lookupSymbolGlobal("+symbolName+") -> 0x"+Long.toHexString(addr));