From 23341a2df2d2ea36784a16fa1db8bc7385351a12 Mon Sep 17 00:00:00 2001 From: Sven Gothel Date: Thu, 20 Jun 2013 08:11:29 +0200 Subject: Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle access. --- .../com/jogamp/common/os/DynamicLibraryBundle.java | 74 +++++++++++----------- src/java/com/jogamp/common/os/NativeLibrary.java | 66 +++++++++---------- 2 files changed, 70 insertions(+), 70 deletions(-) (limited to 'src/java/com/jogamp/common') diff --git a/src/java/com/jogamp/common/os/DynamicLibraryBundle.java b/src/java/com/jogamp/common/os/DynamicLibraryBundle.java index 349106a..b47c69b 100644 --- a/src/java/com/jogamp/common/os/DynamicLibraryBundle.java +++ b/src/java/com/jogamp/common/os/DynamicLibraryBundle.java @@ -64,15 +64,16 @@ import com.jogamp.common.util.awt.AWTEDTExecutor; public class DynamicLibraryBundle implements DynamicLookupHelper { public static final boolean USE_CURRENT_THREAD_LIBLOADER = Debug.debug("NativeLibrary.UseCurrentThreadLibLoader"); - private DynamicLibraryBundleInfo info; + private final DynamicLibraryBundleInfo info; - private List> toolLibNames; - private boolean[] toolLibLoaded; + protected final List nativeLibraries; + private final List> toolLibNames; + private final List glueLibNames; + private final boolean[] toolLibLoaded; + private int toolLibLoadedNumber; - protected List nativeLibraries; - private List glueLibNames; - private boolean[] glueLibLoaded; + private final boolean[] glueLibLoaded; private int glueLibLoadedNumber; private long toolGetProcAddressHandle; @@ -107,10 +108,30 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { nativeLibraries = new ArrayList(); toolLibNames = info.getToolLibNames(); glueLibNames = info.getGlueLibNames(); + toolLibLoaded = new boolean[toolLibNames.size()]; + if(DEBUG) { + if( toolLibNames.size() == 0 ) { + System.err.println("No Tool native library names given"); + } + + if( glueLibNames.size() == 0 ) { + System.err.println("No Glue native library names given"); + } + } + + for(int i=toolLibNames.size()-1; i>=0; i--) { + toolLibLoaded[i] = false; + } + glueLibLoaded = new boolean[glueLibNames.size()]; + for(int i=glueLibNames.size()-1; i>=0; i--) { + glueLibLoaded[i] = false; + } + info.getLibLoaderExecutor().invoke(true, new Runnable() { public void run() { loadLibraries(); } } ) ; + toolGetProcAddressFuncNameList = info.getToolGetProcAddressFuncNameList(); if( null != toolGetProcAddressFuncNameList ) { toolGetProcAddressFuncNameSet = new HashSet(toolGetProcAddressFuncNameList); @@ -134,7 +155,7 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { } /** Unload all {@link NativeLibrary}s, and remove all references. */ - public void destroy() { + public final void destroy() { if(DEBUG) { System.err.println(Thread.currentThread().getName()+" - DynamicLibraryBundle.destroy() START: "+info.getClass().getName()); } @@ -145,13 +166,11 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { nativeLibraries.get(i).close(); } nativeLibraries.clear(); - nativeLibraries = null; - toolLibNames = null; - glueLibNames = null; + toolLibNames.clear(); + glueLibNames.clear(); if(DEBUG) { System.err.println(Thread.currentThread().getName()+" - DynamicLibraryBundle.destroy() END: "+info.getClass().getName()); } - info = null; } public final boolean isLibComplete() { @@ -215,7 +234,7 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { public final DynamicLibraryBundleInfo getBundleInfo() { return info; } - protected long getToolGetProcAddressHandle() { + protected final long getToolGetProcAddressHandle() { if(!isToolLibLoaded()) { return 0; } @@ -230,7 +249,7 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { return aptr; } - protected NativeLibrary loadFirstAvailable(List libNames, ClassLoader loader, boolean global) { + protected final NativeLibrary loadFirstAvailable(List libNames, ClassLoader loader, boolean global) { for (int i=0; i < libNames.size(); i++) { final NativeLibrary lib = NativeLibrary.open(libNames.get(i), loader, global); if (lib != null) { @@ -240,27 +259,8 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { return null; } - private void loadLibraries() { + private final void loadLibraries() { int i; - toolLibLoaded = new boolean[toolLibNames.size()]; - for(i=toolLibNames.size()-1; i>=0; i--) { - toolLibLoaded[i] = false; - } - glueLibLoaded = new boolean[glueLibNames.size()]; - for(i=glueLibNames.size()-1; i>=0; i--) { - glueLibLoaded[i] = false; - } - - if(DEBUG) { - if( toolLibNames.size() == 0 ) { - System.err.println("No Tool native library names given"); - } - - if( glueLibNames.size() == 0 ) { - System.err.println("No Glue native library names given"); - } - } - toolLibLoadedNumber = 0; final ClassLoader cl = info.getClass().getClassLoader(); NativeLibrary lib = null; @@ -314,7 +314,7 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { } } - private long dynamicLookupFunctionOnLibs(String funcName) { + private final long dynamicLookupFunctionOnLibs(String funcName) { if(!isToolLibLoaded() || null==funcName) { if(DEBUG_LOOKUP && !isToolLibLoaded()) { System.err.println("Lookup-Native: <" + funcName + "> ** FAILED ** Tool native library not loaded"); @@ -344,7 +344,7 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { return addr; } - private long toolDynamicLookupFunction(String funcName) { + private final long toolDynamicLookupFunction(String funcName) { if(0 != toolGetProcAddressHandle) { long addr = info.toolGetProcAddress(toolGetProcAddressHandle, funcName); if(DEBUG_LOOKUP) { @@ -357,7 +357,7 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { return 0; } - public long dynamicLookupFunction(String funcName) { + public final long dynamicLookupFunction(String funcName) { if(!isToolLibLoaded() || null==funcName) { if(DEBUG_LOOKUP && !isToolLibLoaded()) { System.err.println("Lookup: <" + funcName + "> ** FAILED ** Tool native library not loaded"); @@ -385,7 +385,7 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { } /** Inherit access */ - static class GlueJNILibLoader extends JNILibLoaderBase { + static final class GlueJNILibLoader extends JNILibLoaderBase { protected static synchronized boolean loadLibrary(String libname, boolean ignoreError, ClassLoader cl) { return JNILibLoaderBase.loadLibrary(libname, ignoreError, cl); } diff --git a/src/java/com/jogamp/common/os/NativeLibrary.java b/src/java/com/jogamp/common/os/NativeLibrary.java index f39ac77..d34620e 100644 --- a/src/java/com/jogamp/common/os/NativeLibrary.java +++ b/src/java/com/jogamp/common/os/NativeLibrary.java @@ -46,7 +46,7 @@ import com.jogamp.common.util.cache.TempJarCache; import jogamp.common.os.BionicDynamicLinkerImpl; import jogamp.common.os.MacOSXDynamicLinkerImpl; import jogamp.common.os.PlatformPropsImpl; -import jogamp.common.os.UnixDynamicLinkerImpl; +import jogamp.common.os.PosixDynamicLinkerImpl; import jogamp.common.os.WindowsDynamicLinkerImpl; import java.io.*; @@ -68,10 +68,10 @@ import java.util.*; ProcAddressTable glue code generation style without additional supporting code needed in the generated library. */ -public class NativeLibrary implements DynamicLookupHelper { - private static DynamicLinker dynLink; - private static String[] prefixes; - private static String[] suffixes; +public final class NativeLibrary implements DynamicLookupHelper { + private static final DynamicLinker dynLink; + private static final String[] prefixes; + private static final String[] suffixes; static { // Instantiate dynamic linker implementation @@ -101,7 +101,7 @@ public class NativeLibrary implements DynamicLookupHelper { case OPENKODE: case LINUX: */ default: - dynLink = new UnixDynamicLinkerImpl(); + dynLink = new PosixDynamicLinkerImpl(); prefixes = new String[] { "lib" }; suffixes = new String[] { ".so" }; break; @@ -114,9 +114,9 @@ public class NativeLibrary implements DynamicLookupHelper { private long libraryHandle; // May as well keep around the path to the library we opened - private String libraryPath; + private final String libraryPath; - private boolean global; + private final boolean global; // Private constructor to prevent arbitrary instances from floating around private NativeLibrary(long libraryHandle, String libraryPath, boolean global) { @@ -128,7 +128,7 @@ public class NativeLibrary implements DynamicLookupHelper { } } - public String toString() { + public final String toString() { return "NativeLibrary[" + libraryPath + ", 0x" + Long.toHexString(libraryHandle) + ", global " + global + "]"; } @@ -136,7 +136,7 @@ public class NativeLibrary implements DynamicLookupHelper { name on all platforms, looking first in the system's search path, and in the context of the specified ClassLoader, which is used to help find the library in the case of e.g. Java Web Start. */ - public static NativeLibrary open(String libName, ClassLoader loader) { + public static final NativeLibrary open(String libName, ClassLoader loader) { return open(libName, libName, libName, true, loader, true); } @@ -144,7 +144,7 @@ public class NativeLibrary implements DynamicLookupHelper { name on all platforms, looking first in the system's search path, and in the context of the specified ClassLoader, which is used to help find the library in the case of e.g. Java Web Start. */ - public static NativeLibrary open(String libName, ClassLoader loader, boolean global) { + public static final NativeLibrary open(String libName, ClassLoader loader, boolean global) { return open(libName, libName, libName, true, loader, global); } @@ -163,19 +163,19 @@ public class NativeLibrary implements DynamicLookupHelper { dynamic loading facility is used correctly the version number will be irrelevant. */ - public static NativeLibrary open(String windowsLibName, - String unixLibName, - String macOSXLibName, - boolean searchSystemPathFirst, - ClassLoader loader) { + public static final NativeLibrary open(String windowsLibName, + String unixLibName, + String macOSXLibName, + boolean searchSystemPathFirst, + ClassLoader loader) { return open(windowsLibName, unixLibName, macOSXLibName, searchSystemPathFirst, loader, true); } - public static NativeLibrary open(String windowsLibName, - String unixLibName, - String macOSXLibName, - boolean searchSystemPathFirst, - ClassLoader loader, boolean global) { + public static final NativeLibrary open(String windowsLibName, + String unixLibName, + String macOSXLibName, + boolean searchSystemPathFirst, + ClassLoader loader, boolean global) { List possiblePaths = enumerateLibraryPaths(windowsLibName, unixLibName, macOSXLibName, @@ -228,32 +228,32 @@ public class NativeLibrary implements DynamicLookupHelper { } /** Looks up the given function name in this native library. */ - public long dynamicLookupFunction(String funcName) { + public final long dynamicLookupFunction(String funcName) { if (libraryHandle == 0) throw new RuntimeException("Library is not open"); return dynLink.lookupSymbol(libraryHandle, funcName); } /** Looks up the given function name in all loaded libraries. */ - public static long dynamicLookupFunctionGlobal(String funcName) { + public static final long dynamicLookupFunctionGlobal(String funcName) { return dynLink.lookupSymbolGlobal(funcName); } /** Retrieves the low-level library handle from this NativeLibrary object. On the Windows platform this is an HMODULE, and on Unix and Mac OS X platforms the void* result of calling dlopen(). */ - public long getLibraryHandle() { + public final long getLibraryHandle() { return libraryHandle; } /** Retrieves the path under which this library was opened. */ - public String getLibraryPath() { + public final String getLibraryPath() { return libraryPath; } /** Closes this native library. Further lookup operations are not allowed after calling this method. */ - public void close() { + public final void close() { if (DEBUG) { System.err.println("NativeLibrary.close(): closing " + this); } @@ -278,7 +278,7 @@ public class NativeLibrary implements DynamicLookupHelper { * * @return basename of libName w/o path, ie. /usr/lib/libDrinkBeer.so -> DrinkBeer on Unix systems, but null on Windows. */ - public static String isValidNativeLibraryName(String libName, boolean isLowerCaseAlready) { + public static final String isValidNativeLibraryName(String libName, boolean isLowerCaseAlready) { final String libBaseName; try { libBaseName = IOUtil.getBasename(libName); @@ -307,7 +307,7 @@ public class NativeLibrary implements DynamicLookupHelper { /** Given the base library names (no prefixes/suffixes) for the various platforms, enumerate the possible locations and names of the indicated native library on the system. */ - public static List enumerateLibraryPaths(final String windowsLibName, + public static final List enumerateLibraryPaths(final String windowsLibName, final String unixLibName, final String macOSXLibName, final boolean searchSystemPathFirst, @@ -409,7 +409,7 @@ public class NativeLibrary implements DynamicLookupHelper { } - private static String selectName(String windowsLibName, + private static final String selectName(String windowsLibName, String unixLibName, String macOSXLibName) { switch (PlatformPropsImpl.OS_TYPE) { @@ -431,7 +431,7 @@ public class NativeLibrary implements DynamicLookupHelper { } } - private static String[] buildNames(String libName) { + private static final String[] buildNames(String libName) { // If the library name already has the prefix / suffix added // (principally because we want to force a version number on Unix // operating systems) then just return the library name. @@ -491,7 +491,7 @@ public class NativeLibrary implements DynamicLookupHelper { return res; } - private static void addPaths(String path, String[] baseNames, List paths) { + private static final void addPaths(String path, String[] baseNames, List paths) { for (int j = 0; j < baseNames.length; j++) { paths.add(path + File.separator + baseNames[j]); } @@ -499,7 +499,7 @@ public class NativeLibrary implements DynamicLookupHelper { private static boolean initializedFindLibraryMethod = false; private static Method findLibraryMethod = null; - private static String findLibraryImpl(final String libName, final ClassLoader loader) { + private static final String findLibraryImpl(final String libName, final ClassLoader loader) { if (loader == null) { return null; } @@ -538,7 +538,7 @@ public class NativeLibrary implements DynamicLookupHelper { } return null; } - public static String findLibrary(final String libName, final ClassLoader loader) { + public static final String findLibrary(final String libName, final ClassLoader loader) { String res = null; if(TempJarCache.isInitialized()) { res = TempJarCache.findLibrary(libName); -- cgit v1.2.3